[Snyk] Security upgrade supertest from 1.0.1 to 7.0.0

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • test/fixtures/demo-os/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COOKIEJAR-3149984	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Poisoning SNYK-JS-QS-3153490	Yes	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution npm:extend:20180424	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Override Protection Bypass npm:qs:20170213	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Denial of Service (DoS) npm:superagent:20170807	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Information Exposure npm:superagent:20181108	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: supertest

The new version differs by 250 commits.

• 2ae1c36 7.0.0
• 225118c Merge pull request [Snyk] Security upgrade django from 1.6.1 to 2.2.28 #834 from Bruception/master
• f290431 Fix TestAgent not inheriting Agent properties
• 1e18c20 fix: bump deps, drop Node.js v<14.16.0
• fd571c8 6.3.4
• bc4398a chore: bump deps, remove yarn.lock
• c823515 chore: bump deps
• 37017b3 Merge pull request [Snyk] Security upgrade debug from 1.0.5 to 3.1.0 #811 from ladjs/dependabot/npm_and_yarn/cookiejar-2.1.4
• 6b41374 Merge pull request [Snyk] Security upgrade micromatch from 3.1.10 to 4.0.0 #814 from siddtheone/patch-1
• 0ff9c02 Merge pull request [Snyk] Fix for 1 vulnerabilities #828 from 9renpoto/9renpoto-patch-1
• 2cba6d4 si/visionmedia/ladjs/
• 79a69b6 Update package.json
• c1b8f9d Merge pull request [Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.3 #821 from yunnysunny/feature/ci-fix
• 5d48749 ci: fix broken github action cache saving
• 25920e7 Merge pull request [Snyk] Security upgrade tap from 11.1.3 to 14.6.8 #818 from lamweili/patch-1
• 3767f9e docs: fixed links (for [Snyk] Security upgrade tap from 11.1.3 to 15.0.0 #621)
• b81d3a4 Update README.md
• 4b372eb Removing unused import
• ac9327f chore(deps): bump cookiejar from 2.1.3 to 2.1.4
• 44d5d72 Merge pull request [Snyk] Fix for 10 vulnerabilities #646 from dtom90/patch-1
• d91ff37 Merge pull request [Snyk] Security upgrade tap from 11.1.3 to 15.0.0 #621 from RichieRunner/patch-1
• ffb96df 6.3.3
• 2910f73 chore: bump deps
• fb4f327 6.3.2

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Poisoning
🦉 Prototype Override Protection Bypass