From 99cc5733d160ef14e99a04e124784cbdb162374a Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Tue, 25 Apr 2023 04:47:14 +0000 Subject: [PATCH] fix: test/fixtures/demo-os/core/client/package.json & test/fixtures/demo-os/core/client/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AJV-584908 - https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 - https://snyk.io/vuln/SNYK-JS-BL-608877 - https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749 - https://snyk.io/vuln/SNYK-JS-ENGINEIO-3136336 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692 - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742 - https://snyk.io/vuln/SNYK-JS-HAWK-2808852 - https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-567746 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASH-73638 - https://snyk.io/vuln/SNYK-JS-LODASH-73639 - https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173732 - https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173733 - https://snyk.io/vuln/SNYK-JS-MARKDOWNIT-2331914 - https://snyk.io/vuln/SNYK-JS-MARKDOWNIT-459438 - https://snyk.io/vuln/SNYK-JS-MERGE-1040469 - https://snyk.io/vuln/SNYK-JS-MERGE-1042987 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-MOUT-1014544 - https://snyk.io/vuln/SNYK-JS-MOUT-2342654 - https://snyk.io/vuln/SNYK-JS-NPM-537603 - https://snyk.io/vuln/SNYK-JS-NPM-537604 - https://snyk.io/vuln/SNYK-JS-NPM-537606 - https://snyk.io/vuln/SNYK-JS-NPM-575435 - https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352 - https://snyk.io/vuln/SNYK-JS-QS-3153490 - https://snyk.io/vuln/SNYK-JS-SHELLJS-2332187 - https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859 - https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752 - 
https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-3091012 - https://snyk.io/vuln/SNYK-JS-TAR-1536528 - https://snyk.io/vuln/SNYK-JS-TAR-1536531 - https://snyk.io/vuln/SNYK-JS-TAR-1536758 - https://snyk.io/vuln/SNYK-JS-TAR-1579147 - https://snyk.io/vuln/SNYK-JS-TAR-1579152 - https://snyk.io/vuln/SNYK-JS-TAR-1579155 - https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251 - https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984 - https://snyk.io/vuln/SNYK-JS-WS-1296835 - https://snyk.io/vuln/SNYK-JS-XMLDOM-1084960 - https://snyk.io/vuln/npm:braces:20180219 - https://snyk.io/vuln/npm:chownr:20180731 - https://snyk.io/vuln/npm:clean-css:20180306 - https://snyk.io/vuln/npm:cli:20160615 - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:handlebars:20151207 - https://snyk.io/vuln/npm:hoek:20180212 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:markdown-it:20150702 - https://snyk.io/vuln/npm:markdown-it:20160912 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:ms:20151024 - https://snyk.io/vuln/npm:ms:20170412 - https://snyk.io/vuln/npm:npm:20180222 - https://snyk.io/vuln/npm:qs:20170213 - https://snyk.io/vuln/npm:tunnel-agent:20170305 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:ms:20170412
---
 test/fixtures/demo-os/core/client/.snyk | 19 ++++++++++++++++++
 .../fixtures/demo-os/core/client/package.json | 20 ++++++++++++-------
 2 files changed, 32 insertions(+), 7 deletions(-)
 create mode 100644 test/fixtures/demo-os/core/client/.snyk
diff --git a/test/fixtures/demo-os/core/client/.snyk b/test/fixtures/demo-os/core/client/.snyk
new file mode 100644
index 0000000000..fd6f3dcee6
--- /dev/null
+++ b/test/fixtures/demo-os/core/client/.snyk
@@ -0,0 +1,19 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:debug:20170905':
+ - ember-cli > testem > socket.io > socket.io-adapter > socket.io-parser > debug:
+ patched: '2023-04-25T04:46:57.982Z'
+ 'npm:lodash:20180130':
+ - ember-cli-babel > broccoli-babel-transpiler > babel-core > babel-plugin-proto-to-assign > lodash:
+ patched: '2023-04-25T04:46:57.982Z'
+ - ember-export-application-global > ember-cli-babel > broccoli-babel-transpiler > babel-core > babel-plugin-proto-to-assign > lodash:
+ patched: '2023-04-25T04:46:57.982Z'
+ 'npm:minimatch:20160620':
+ - ember-cli > broccoli > findup-sync > glob > minimatch:
+ patched: '2023-04-25T04:46:57.982Z'
+ 'npm:ms:20170412':
+ - ember-cli > testem > socket.io > socket.io-adapter > socket.io-parser > debug > ms:
+ patched: '2023-04-25T04:46:57.982Z'
diff --git a/test/fixtures/demo-os/core/client/package.json b/test/fixtures/demo-os/core/client/package.json
index 7932ed4e64..3b34b14adb 100644
--- a/test/fixtures/demo-os/core/client/package.json
+++ b/test/fixtures/demo-os/core/client/package.json
@@ -10,7 +10,9 @@
 "scripts": {
 "start": "ember server",
 "build": "ember build",
- "test": "ember test"
+ "test": "ember test",
+ "prepublish": "npm run snyk-protect",
+ "snyk-protect": "snyk-protect"
 },
 "repository": "",
 "engines": {
@@ -20,9 +22,9 @@
 "license": "MIT",
 "devDependencies": {
 "broccoli-asset-rev": "^2.0.2",
- "ember-cli": "0.2.7",
+ "ember-cli": "4.11.0",
 "ember-cli-app-version": "0.3.3",
- "ember-cli-babel": "^5.0.0",
+ "ember-cli-babel": "^7.0.0",
 "ember-cli-content-security-policy": "0.4.0",
 "ember-cli-copy-dereference": "1.0.0",
 "ember-cli-dependency-checker": "^1.0.0",
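Review bot: The `patch:` entries in the new `.snyk` file are keyed to dependency paths such as `ember-cli > testem > socket.io > …` and `ember-cli-babel > broccoli-babel-transpiler > babel-core > …`, which describe the tree of the versions that this same patch replaces in package.json. After the upgrade to `ember-cli` `4.11.0` and `ember-cli-babel` `^7.0.0` those paths may no longer exist, in which case `snyk-protect` would have nothing to patch. The commit message also lists all four IDs under both "fixed with an upgrade" and "fixed with a Snyk patch". It is worth confirming against a fresh install which entries still match and dropping the rest, so the policy file does not claim a mitigation that is not in effect.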
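Review bot: In the `scripts` block of package.json, `prepublish` is a deprecated npm lifecycle hook whose trigger differs between npm versions (local install, publish, or both), so when the Snyk patches are actually applied depends on the installer's npm. Snyk's own setup uses the `prepare` hook, i.e. `"prepare": "npm run snyk-protect"`, which behaves consistently on current npm. The `engines` block that would show which node/npm range applies is cut off by the hunk. Note also that this hook executes a binary resolved from `node_modules` on a developer or CI machine, so the version of the package providing `snyk-protect` should be pinned (see the `dependencies` block added in the last hunk).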
@@ -30,19 +32,23 @@
 "ember-cli-htmlbars": "0.7.6",
 "ember-cli-ic-ajax": "0.1.1",
 "ember-cli-inject-live-reload": "^1.3.0",
- "ember-cli-mocha": "^0.7.0",
+ "ember-cli-mocha": "^0.9.4",
 "ember-cli-simple-auth": "0.8.0",
 "ember-cli-simple-auth-oauth2": "0.8.0",
- "ember-cli-uglify": "^1.0.1",
+ "ember-cli-uglify": "^2.0.0",
 "ember-data": "1.0.0-beta.18",
- "ember-export-application-global": "^1.0.2",
+ "ember-export-application-global": "^2.0.1",
 "ember-myth": "0.1.0",
 "fs-extra": "0.16.3",
- "glob": "^4.0.5"
+ "glob": "^5.0.15"
 },
 "ember-addon": {
 "paths": [
 "lib/asset-delivery"
 ]
+ },
+ "snyk": true,
+ "dependencies": {
+ "@snyk/protect": "latest"
 }
 }
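Review bot: `"@snyk/protect": "latest"` in the added `dependencies` block is an unpinned dependency, and its `snyk-protect` binary is run by the `prepublish` script added earlier in this patch, so whatever version the registry serves at install time is executed with the installer's privileges. Pin it to a reviewed version and commit a lockfile, for example `"@snyk/protect": "<REVIEWED_VERSION>"` (placeholder; the page does not name one). Separately, this file lives under `test/fixtures/`, and `ember-cli` moves from `0.2.7` to `4.11.0` while `ember-data` `1.0.0-beta.18` and `ember-cli-htmlbars` `0.7.6` stay unchanged. If any test relies on this fixture's original dependency tree, or on it installing at all, that should be checked before merging.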