[Snyk] Security upgrade cypress from 4.12.1 to 5.0.0

yurake commented 7 months ago

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - kubernetes/monitoring/test/cypress/package.json - kubernetes/monitoring/test/cypress/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **631/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.2 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised. Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/yurake/project/33363e8b-5c0b-4511-947b-1984fde6914e?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/yurake/project/33363e8b-5c0b-4511-947b-1984fde6914e?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"d3cb9ffb-159e-4010-be85-e4ead43a1e82","prPublicId":"d3cb9ffb-159e-4010-be85-e4ead43a1e82","dependencies":[{"name":"cypress","from":"4.12.1","to":"5.0.0"}],"packageManager":"npm","projectPublicId":"33363e8b-5c0b-4511-947b-1984fde6914e","projectUrl":"https://app.snyk.io/org/yurake/project/33363e8b-5c0b-4511-947b-1984fde6914e?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[631],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)

what-the-diff[bot] commented 7 months ago

PR Summary

Update of Cypress software in Test Environment The test environment software, Cypress, which we use for ensuring our application runs smoothly, has been updated to a more recent version. This will provide more reliable and up-to-date testing capabilities.

codeclimate[bot] commented 7 months ago

Code Climate has analyzed commit ab689e02 and detected 0 issues on this pull request.

View more on Code Climate.

sonarcloud[bot] commented 7 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

socket-security[bot] commented 7 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@colors/colors@1.5.0	environment	`0`	39.5 kB	dabh
npm/@isaacs/cliui@8.0.2	None	`+7`	184 kB	isaacs
npm/@pkgjs/parseargs@0.11.0	None	`0`	74.2 kB	oss-bot
npm/ansi-regex@5.0.1	None	`0`	5.61 kB	qix
npm/ansi-styles@4.3.0	None	`+2`	50.9 kB	sindresorhus
npm/at-least-node@1.0.0	None	`0`	2.63 kB	ryanzim
npm/balanced-match@1.0.2	None	`0`	6.94 kB	juliangruber
npm/blob-util@2.0.2	None	`0`	79 kB	nolanlawson
npm/brace-expansion@2.0.1	None	`+1`	18.4 kB	juliangruber
npm/cli-table3@0.6.3	Transitive: environment	`+2`	140 kB	speedytwenty
npm/color-convert@2.0.1	None	`+1`	33.9 kB	qix
npm/color-name@1.1.4	None	`0`	6.69 kB	dfcreative
npm/cross-spawn@7.0.3	environment, filesystem, shell	`+5`	52.1 kB	satazor
npm/cypress@5.0.0	environment, filesystem, shell Transitive: eval, network, unsafe	`+191`	24.1 MB	chrisbreiding
npm/eastasianwidth@0.2.0	None	`0`	13.6 kB	komagata
npm/emoji-regex@8.0.0	None	`0`	48.3 kB	mathias
npm/execa@4.1.0	environment, shell Transitive: filesystem	`+19`	226 kB	sindresorhus
npm/foreground-child@3.1.1	shell Transitive: environment, filesystem	`+7`	189 kB	isaacs
npm/fs-extra@9.1.0	filesystem Transitive: environment	`+4`	189 kB	ryanzim
npm/get-stream@5.2.0	Transitive: filesystem	`+4`	33.4 kB	sindresorhus
npm/glob@10.3.10	Transitive: environment, filesystem, shell	`+24`	2.88 MB	isaacs
npm/graceful-fs@4.2.11	environment, filesystem	`0`	32.5 kB	isaacs
npm/human-signals@1.1.1	None	`0`	42.4 kB	ehmicky
npm/is-fullwidth-code-point@3.0.0	None	`0`	4.99 kB	sindresorhus
npm/is-unicode-supported@0.1.0	None	`0`	3.54 kB	sindresorhus
npm/jackspeak@2.3.6	environment	`+9`	512 kB	isaacs
npm/jsonfile@6.1.0	filesystem Transitive: environment	`+2`	57 kB	ryanzim
npm/log-symbols@4.1.0	None	`+3`	19.6 kB	sindresorhus
npm/lru-cache@10.2.0	None	`0`	458 kB	isaacs
npm/merge-stream@2.0.0	None	`0`	4.31 kB	stevemao
npm/minimatch@9.0.3	environment	`+2`	452 kB	isaacs
npm/minipass@7.0.4	None	`0`	285 kB	isaacs
npm/npm-run-path@4.0.1	environment	`+1`	12.7 kB	sindresorhus
npm/path-key@3.1.1	None	`0`	4.55 kB	sindresorhus
npm/path-scurry@1.10.1	filesystem	`+2`	1.27 MB	isaacs
npm/rimraf@5.0.5	environment, filesystem Transitive: shell	`+25`	3.16 MB	isaacs
npm/shebang-command@2.0.0	None	`+1`	5.38 kB	kevva
npm/shebang-regex@3.0.0	None	`0`	2.83 kB	sindresorhus
npm/string-width@4.2.3	None	`+8`	131 kB	sindresorhus
npm/strip-ansi@6.0.1	None	`+2`	15.2 kB	sindresorhus
npm/strip-final-newline@2.0.0	None	`0`	3.05 kB	sindresorhus
npm/universalify@2.0.1	None	`0`	4.67 kB	ryanzim
npm/which@2.0.2	environment Transitive: filesystem	`+1`	20.9 kB	isaacs
npm/wrap-ansi@7.0.0	None	`+8`	130 kB	sindresorhus

🚮 Removed packages: npm/balanced-match@1.0.0, npm/brace-expansion@1.1.11, npm/cli-table3@0.5.1, npm/colors@1.4.0, npm/concat-map@0.0.1, npm/cross-spawn@6.0.5, npm/cypress@4.12.1, npm/execa@1.0.0, npm/fs-extra@8.1.0, npm/fs.realpath@1.0.0, npm/get-stream@4.1.0, npm/glob@7.1.6, npm/graceful-fs@4.2.4, npm/inflight@1.0.6, npm/jsonfile@4.0.0, npm/log-symbols@3.0.0, npm/minimatch@3.1.2, npm/nice-try@1.0.5, npm/npm-run-path@2.0.2, npm/p-finally@1.0.0, npm/path-is-absolute@1.0.1, npm/path-key@2.0.1, npm/rimraf@2.7.1, npm/semver@5.7.1, npm/shebang-command@1.2.0, npm/shebang-regex@1.0.0, npm/strip-eof@1.0.0, npm/tmp@0.1.0, npm/universalify@0.1.2, npm/which@1.3.1

View full report↗︎

yurake / k8s-3tier-webapp