From 633865b876e3c4734f052101e0db9cbc702d78a5 Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Thu, 24 Oct 2024 14:48:57 +0000
Subject: [PATCH] fix:
 workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/package.json
 &
 workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/.snyk
 to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/SNYK-JS-HAWK-6969142
- https://snyk.io/vuln/SNYK-JS-JSYAML-173999
- https://snyk.io/vuln/SNYK-JS-JSYAML-174129
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
- https://snyk.io/vuln/SNYK-JS-MOCHA-2863123
- https://snyk.io/vuln/SNYK-JS-MOCHA-561476
- https://snyk.io/vuln/SNYK-JS-SHELLJS-2332187
- https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984
- https://snyk.io/vuln/npm:cli:20160615
- https://snyk.io/vuln/npm:growl:20160721
- https://snyk.io/vuln/npm:handlebars:20151207
- https://snyk.io/vuln/npm:hawk:20160119
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:qs:20140806
- https://snyk.io/vuln/npm:qs:20140806-1
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:request:20160119
- https://snyk.io/vuln/npm:tunnel-agent:20170305


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:hawk:20160119
- https://snyk.io/vuln/npm:http-signature:20150122
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:request:20160119
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/npm:uglify-js:20151024
---
 .../node_modules/log-driver/.snyk             | 40 +++++++++++++++++++
 .../node_modules/log-driver/package.json      | 18 ++++++---
 2 files changed, 52 insertions(+), 6 deletions(-)
 create mode 100644 workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/.snyk

diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/.snyk b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/.snyk
new file mode 100644
index 0000000000000..49d87d6a2f346
--- /dev/null
+++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/.snyk
@@ -0,0 +1,40 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:hawk:20160119':
+    - codecov.io > request > hawk:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:hawk:20160119'
+        path: codecov.io > request > hawk
+  'npm:http-signature:20150122':
+    - codecov.io > request > http-signature:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:http-signature:20150122'
+        path: codecov.io > request > http-signature
+  'npm:mime:20170907':
+    - codecov.io > request > form-data > mime:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:mime:20170907'
+        path: codecov.io > request > form-data > mime
+  'npm:minimatch:20160620':
+    - mocha > glob > minimatch:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:minimatch:20160620'
+        path: mocha > glob > minimatch
+  'npm:request:20160119':
+    - codecov.io > request:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:request:20160119'
+        path: codecov.io > request
+  'npm:tunnel-agent:20170305':
+    - codecov.io > request > tunnel-agent:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:tunnel-agent:20170305'
+        path: codecov.io > request > tunnel-agent
+  'npm:uglify-js:20151024':
+    - istanbul > handlebars > uglify-js:
+        patched: '2024-10-24T14:48:53.054Z'
+        id: 'npm:uglify-js:20151024'
+        path: istanbul > handlebars > uglify-js
diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/package.json b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/package.json
index d20ed7f9d5b1f..e719024f23fe5 100644
--- a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/package.json
+++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/log-driver/package.json
@@ -15,18 +15,20 @@
     "url": "git://github.com/cainus/logdriver.git"
   },
   "scripts": {
-    "test": "make test-codecov"
+    "test": "make test-codecov",
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "maintainers": [
     "Gregg Caines <gregg@caines.ca> (http://caines.ca)"
   ],
   "devDependencies": {
     "codecov.io": "0.0.1",
-    "jshint": "2.4.4",
-    "istanbul": "0.2.6",
-    "coveralls": "2.10.0",
+    "jshint": "2.13.4",
+    "istanbul": "0.4.5",
+    "coveralls": "3.0.5",
     "sinon-restore": "1.0.1",
-    "mocha": "1.20.1",
+    "mocha": "10.1.0",
     "should": "1.1.0"
   },
   "engines": {
@@ -38,5 +40,9 @@
     "test": "test"
   },
   "author": "Gregg Caines",
-  "license": "ISC"
+  "license": "ISC",
+  "snyk": true,
+  "dependencies": {
+    "@snyk/protect": "latest"
+  }
 }