From 41f795586fb78050a61dbffadb129deb78316666 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 31 Jul 2022 18:25:34 +0000
Subject: [PATCH] fix: pkgs/tools/misc/fx_cast/package.json &
 pkgs/tools/misc/fx_cast/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEFETCH-2964180
---
 pkgs/tools/misc/fx_cast/package-lock.json | 45 +++++++++++++++++++++--
 pkgs/tools/misc/fx_cast/package.json      |  2 +-
 2 files changed, 42 insertions(+), 5 deletions(-)

diff --git a/pkgs/tools/misc/fx_cast/package-lock.json b/pkgs/tools/misc/fx_cast/package-lock.json
index 22e62c6fed855..55160f4bc0878 100644
--- a/pkgs/tools/misc/fx_cast/package-lock.json
+++ b/pkgs/tools/misc/fx_cast/package-lock.json
@@ -1,8 +1,8 @@
 {
     "name": "fx_cast_bridge",
     "version": "0.1.2",
-    "requires": true,
     "lockfileVersion": 1,
+    "requires": true,
     "dependencies": {
         "@babel/parser": {
             "version": "7.11.3",
@@ -357,6 +357,11 @@
                 "assert-plus": "^1.0.0"
             }
         },
+        "data-uri-to-buffer": {
+            "version": "4.0.0",
+            "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.0.tgz",
+            "integrity": "sha512-Vr3mLBA8qWmcuschSLAOogKgQ/Jwxulv3RNE4FXnYWRGujzrRWQI4m12fQqRkwX06C0KanhLr4hK+GydchZsaA=="
+        },
         "deep-is": {
             "version": "0.1.3",
             "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz",
@@ -483,6 +488,15 @@
                 "reusify": "^1.0.4"
             }
         },
+        "fetch-blob": {
+            "version": "3.2.0",
+            "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz",
+            "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==",
+            "requires": {
+                "node-domexception": "^1.0.0",
+                "web-streams-polyfill": "^3.0.3"
+            }
+        },
         "fill-range": {
             "version": "7.0.1",
             "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
@@ -509,6 +523,14 @@
                 "mime-types": "^2.1.12"
             }
         },
+        "formdata-polyfill": {
+            "version": "4.0.10",
+            "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz",
+            "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==",
+            "requires": {
+                "fetch-blob": "^3.1.2"
+            }
+        },
         "from2": {
             "version": "2.3.0",
             "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz",
@@ -797,10 +819,20 @@
             "resolved": "https://registry.npmjs.org/nan/-/nan-2.14.1.tgz",
             "integrity": "sha512-isWHgVjnFjh2x2yuJ/tj3JbwoHu3UC2dX5G/88Cm24yB6YopVgxvBObDY7n5xW6ExmFhJpSEQqFPvq9zaXc8Jw=="
         },
+        "node-domexception": {
+            "version": "1.0.0",
+            "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz",
+            "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ=="
+        },
         "node-fetch": {
-            "version": "2.6.0",
-            "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.0.tgz",
-            "integrity": "sha512-8dG4H5ujfvFiqDmVu9fQ5bOHUC15JMjMY/Zumv26oOvvVJjM67KF8koCWIabKQ1GJIa9r2mMZscBq/TbdOcmNA=="
+            "version": "3.2.10",
+            "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.2.10.tgz",
+            "integrity": "sha512-MhuzNwdURnZ1Cp4XTazr69K0BTizsBroX7Zx3UgDSVcZYKF/6p0CBe4EUb/hLqmzVhl0UpYfgRljQ4yxE+iCxA==",
+            "requires": {
+                "data-uri-to-buffer": "^4.0.0",
+                "fetch-blob": "^3.1.4",
+                "formdata-polyfill": "^4.0.10"
+            }
         },
         "oauth-sign": {
             "version": "0.9.0",
@@ -1312,6 +1344,11 @@
                 "extsprintf": "^1.2.0"
             }
         },
+        "web-streams-polyfill": {
+            "version": "3.2.1",
+            "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.2.1.tgz",
+            "integrity": "sha512-e0MO3wdXWKrLbL0DgGnUV7WHVuw9OUvL4hjgnPkIeEvESk74gAITi5G606JtZPp39cd8HA9VQzCIvA49LpPN5Q=="
+        },
         "word-wrap": {
             "version": "1.2.3",
             "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz",
diff --git a/pkgs/tools/misc/fx_cast/package.json b/pkgs/tools/misc/fx_cast/package.json
index 2c155f78632f6..58e56b812aa2b 100644
--- a/pkgs/tools/misc/fx_cast/package.json
+++ b/pkgs/tools/misc/fx_cast/package.json
@@ -21,7 +21,7 @@
         "mdns": "^2.5.1",
         "mime-types": "^2.1.27",
         "minimist": "^1.2.5",
-        "node-fetch": "^2.6.0",
+        "node-fetch": "^3.2.10",
         "tweetnacl": "^1.0.3",
         "ws": "^7.4.3"
     },