[Snyk] Fix for 7 vulnerabilities

[nicholasess]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • code-push-plugin-testing-framework/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	Yes	Proof of Concept
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	Yes	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution npm:extend:20180424	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Override Protection Bypass npm:qs:20170213	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Denial of Service (DoS) npm:superagent:20170807	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Information Exposure npm:superagent:20181108	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: superagent

The new version differs by 250 commits.

• 3571754 v3.8.1
• 34b69c8 Bump
• 087edaf Clear auth on redirect
• 4108c34 npm@5
• 064b8b0 3.8.0
• b2708db Retry callback
• 383b308 Refactor shouldRetry
• 6bd9b31 indentation to match
• bba9773 log and test style
• bac9933 fn as optional param
• ff607e2 Add optional callback to retry
• 9b0d98d Changelog
• c808dd0 3.8.0-alpha.1
• 87516fc Also support events in global-ish agent
• 66aed34 Default settings for all agent requests
• 05d6c88 Authenticate request using username and password
• 06d7865 Extract common node/browser auth into request-base
• 104ccba Unify auth args handling in node/browser
• be5ab92 Handle errors in zlib pipe
• ef0a35b Merge pull request Updated 'Plugin installation(iOS - CocoaPods)' section in documentation. microsoft/react-native-code-push#1301 from visionmedia/es6
• 0dff890 Prettier
• d669860 ES6ify
• e8463f0 ES6ify Node tests
• cf98d3b Rephrase new documentation about error responses

See the full diff

Package name: superagent-proxy

The new version differs by 6 commits.

• ce624a1 3.0.0
• 1a5b9f3 Update deps
• 5c96130 2.1.0
• 4977892 Update `node-proxy-agent` to v4.0.0 ([Snyk] Fix for 1 vulnerabilities #37)
• 723880c Release 2.0.0
• bbed021 Update proxy-agent to 3.x ([Snyk] Security upgrade react-native from 0.47.2 to 0.63.0 #30)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 More lessons are available in Snyk Learn