Liu233w / acm-statistics

An online tool (crawler) to analyze users performance in online judges (coding competition websites). Supported OJ: POJ, HDU, HYSBZ, CodeForces, UVA, ICPC Live Archive, FZU, SPOJ, Timus (URAL), LeetCode_CN, CSU, LibreOJ, 洛谷, 牛客OJ, Lutece (UESTC), AtCoder, AIZU, CodeChef, El Judge, BNUOJ, Codewars, UOJ, NBUT, 51Nod, DMOJ, VJudge
https://ojhunt.com
GNU Affero General Public License v3.0
144 stars, 12 forks

chore(*): Update dependency @simonsmith/cypress-image-snapshot to v8 [SECURITY] #3001

Open renovate[bot] opened 11 months ago

renovate[bot] commented 11 months ago

This PR contains the following updates:

| Package | Change |
|---|---|
| @simonsmith/cypress-image-snapshot | 6.1.1 -> 8.0.2 |

GitHub Vulnerability Alerts

CVE-2023-38695

Impact

It's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. Example:

  cy.get('h1').matchImageSnapshot('../../../ignore-relative-dirs')

The above will create an ignore-relative-dirs.png three levels up.

Patches

Fixed in 8.0.2

Workarounds

Validate all the existing uses of matchImageSnapshot to ensure correct use of the filename argument. Example:

    // snapshot name will be the test title
    cy.matchImageSnapshot();

    // snapshot name will be the name passed in
    cy.matchImageSnapshot('login');

References

https://github.com/simonsmith/cypress-image-snapshot/issues/15


Release Notes

simonsmith/cypress-image-snapshot (@simonsmith/cypress-image-snapshot)

### [`v8.0.2`](https://togithub.com/simonsmith/cypress-image-snapshot/blob/HEAD/CHANGELOG.md#802-2023-07-31)

[Compare Source](https://togithub.com/simonsmith/cypress-image-snapshot/compare/8.0.1...8.0.2)

##### Bug Fixes

- sanitise snapshot filenames ([ef49519](https://togithub.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4)), closes [#15](https://togithub.com/simonsmith/cypress-image-snapshot/issues/15)

### [`v8.0.1`](https://togithub.com/simonsmith/cypress-image-snapshot/blob/HEAD/CHANGELOG.md#801-2023-07-26)

[Compare Source](https://togithub.com/simonsmith/cypress-image-snapshot/compare/8.0.0...8.0.1)

##### Bug Fixes

- rename e2eSpecFolder -> e2eSpecDir ([106af6c](https://togithub.com/simonsmith/cypress-image-snapshot/commit/106af6c43b879954847f1ae08088d0063b1c1eba))

### [`v8.0.0`](https://togithub.com/simonsmith/cypress-image-snapshot/blob/HEAD/CHANGELOG.md#800-2023-07-25)

[Compare Source](https://togithub.com/simonsmith/cypress-image-snapshot/compare/7.0.0...8.0.0)

##### Bug Fixes

- requireSnapshots should work with retries ([ebfc8be](https://togithub.com/simonsmith/cypress-image-snapshot/commit/ebfc8bebc806d3bf18a044cadecb47c75b1e6325))

##### Features

- normalise directory output for snapshots ([1939e25](https://togithub.com/simonsmith/cypress-image-snapshot/commit/1939e25461e5811f2e683e51415653707fd24f03))

##### BREAKING CHANGES

- This uses the `Cypress.spec.relative` option to generate the snapshot directory and changes the folder structure. It should now match the directory structure found in the `cypress/e2e/` directory

Updating to this change may mean committing new snapshot paths and removing old ones in your project (especially with component testing)

See the section "Snapshot paths" in the README for more information

### [`v7.0.0`](https://togithub.com/simonsmith/cypress-image-snapshot/blob/HEAD/CHANGELOG.md#700-2023-05-25)

[Compare Source](https://togithub.com/simonsmith/cypress-image-snapshot/compare/6.1.1...7.0.0)

##### Bug Fixes

- ensure files are packaged in root ([c0816dc](https://togithub.com/simonsmith/cypress-image-snapshot/commit/c0816dc9b3c809fc31fd9b147a3499a3e4e60f2d))
- move [@types/jest-image-snapshot](https://togithub.com/types/jest-image-snapshot) ([5e65567](https://togithub.com/simonsmith/cypress-image-snapshot/commit/5e65567d2a383f65860976213ebab9a86da3ff72))
- release from root directory ([e0bab6a](https://togithub.com/simonsmith/cypress-image-snapshot/commit/e0bab6ac3a28d70697cfc2941559b188e6a21cad))

##### Features

- add recording of snapshot result ([488ae4b](https://togithub.com/simonsmith/cypress-image-snapshot/commit/488ae4be65267bb3547064becb864664a24f7846))
- add semantic release ([b1b063b](https://togithub.com/simonsmith/cypress-image-snapshot/commit/b1b063b3c31b33b25e0fb37e87048533c82a0139))
- allow default options to be passed into addMatchImageSnapshotCommand ([405afcb](https://togithub.com/simonsmith/cypress-image-snapshot/commit/405afcbd202adcb2665a5239120fb7d0fa02022b))

##### BREAKING CHANGES

- removed fork of original package

This is a rewrite of the original library, now with full support for TypeScript and improved testing.

Notes:

- The API for `matchImageSnapshot` remains the same, as well as all the import paths
- The behavior of the plugin is exactly the same, as are the default options

TypeScript types are exported under `@simonsmith/cypress-image-snapshot/types`. These should be used instead of the package on DefinitelyTyped

Removed:

- The `reporter` is not supported in this version.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.
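
The workaround in the advisory above amounts to auditing every `matchImageSnapshot` call. As an added example (not code from cypress-image-snapshot, Renovate or this repository, and not the 8.0.2 sanitisation itself), the script below flags snapshot names that would climb out of the snapshot directory. The names `classifySnapshotName` and `auditSpecSource` are hypothetical, the sample spec is constructed, and treating absolute names as findings is a conservative assumption.

```javascript
// Added example, not code from cypress-image-snapshot or this repository.
// Audits spec source for matchImageSnapshot() names that leave the snapshot dir.

// Walk the name segment by segment. Both "/" and "\" count as separators,
// so a Windows-style "..\" is caught regardless of the platform running the audit.
function classifySnapshotName(name) {
  if (/^([\\/]|[A-Za-z]:)/.test(name)) return 'absolute';
  let depth = 0;
  for (const segment of name.split(/[\\/]+/)) {
    if (segment === '' || segment === '.') continue;
    depth += segment === '..' ? -1 : 1;
    if (depth < 0) return 'escapes'; // climbed above the snapshot directory
  }
  return 'ok';
}

// Constructed sample input: one spec line per array entry.
const SAMPLE_SPEC = [
  "cy.matchImageSnapshot();",
  "cy.matchImageSnapshot('login');",
  "cy.get('h1').matchImageSnapshot('../../../ignore-relative-dirs')",
  "cy.get('nav').matchImageSnapshot('menus/../../shared')",
  "cy.get('h2').matchImageSnapshot(snapshotName)",
].join('\n');

// Report every call whose first argument is a literal that escapes, or an
// expression whose value cannot be known statically and needs manual review.
function auditSpecSource(source) {
  const call = /\.matchImageSnapshot\(\s*(?:(['"`])(.*?)\1|([^)\s][^)]*))?/g;
  const findings = [];
  source.split('\n').forEach((text, index) => {
    for (const m of text.matchAll(call)) {
      const [, quote, literal, expression] = m;
      let verdict;
      if (expression !== undefined || (quote === '`' && literal.includes('${'))) {
        verdict = 'dynamic';
      } else if (literal === undefined) {
        continue; // no name passed: the test title is used
      } else {
        verdict = classifySnapshotName(literal);
      }
      if (verdict !== 'ok') findings.push({ line: index + 1, verdict, argument: literal ?? expression.trim() });
    }
  });
  return findings;
}

console.log(auditSpecSource(SAMPLE_SPEC));
```
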

codecov[bot] commented 11 months ago

Codecov Report

Patch and project coverage have no change.

Comparison is base (6d022bf) 79.71% compared to head (9f6bf32) 79.71%.

Additional details and impacted files

```diff
@@           Coverage Diff           @@
##           master    #3001   +/-   ##
=======================================
  Coverage   79.71%   79.71%
=======================================
  Files         118      118
  Lines        2504     2504
  Branches       68       68
=======================================
  Hits         1996     1996
  Misses        503      503
  Partials        5        5
```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.