[Snyk] Security upgrade appium from 1.22.3 to 2.0.0

[naiba4]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	168/1000 Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 2, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 7.03, Likelihood: 2.39, Score Version: V5	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: appium

The new version differs by 250 commits.

• 3fa73a1 chore(appium): remove rc tag from appium 2
• 1ab323b chore(appium): promote appium npm tag to latest
• b8e1f38 chore(docutils): update dependency mkdocs-material to v9.1.18
• 02896d0 chore(deps): update eslint-related packages
• 8a6a4ba chore: publish
• 52b646c chore(typedoc-plugin-appium): update snapshots
• 2b35170 fix(base-driver): pass thru all type args to ExternalDriver
• c13333b fix(appium): type fixes for ts v5
• 62f4244 fix(types): update some more types to reflect reality
• 26eb766 chore(base-driver): actually run type tests
• 679865e fix(eslint-config-appium): remove prototype assignment warning
• f1d768c chore: upgrade typescript
• d6cca51 fix(types): separate the type of opts from initialOpts
• 3d614d6 fix(base-driver): allow subclass to define shape of settings object
• ee9b2a3 fix(types): ensure return type of deleteSession can always be void
• e30ad0e chore(appium,types): remove some useless type arguments
• 01061b2 fix(types,base-driver): remove deviceName from base constraints
• 24e7aec fix(types): fix signature of updateSettings
• ed1856d fix(support): update dependency semver to v7.5.3
• 757fbaa chore(deps): update dependency @ types/node to v18.16.19
• fdd2ac0 fix(doctor): update dependency appium-adb to v9.11.7
• 3906f7d chore(docutils): update dependency mkdocs-material to v9.1.17
• f09fbb6 fix(appium): restrict address to ipv6/hostname (When hovering over a nested block in select mode, the left border disappears WordPress/gutenberg#18824)
• 97fe159 chore(appium): Improve the error message on config load error (Fix Tools icon being 24x24 instead of 20x20. WordPress/gutenberg#18829)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
gutenberg	❌ Failed (Inspect)			Oct 28, 2023 0:54am
gutenberg-wd9x	❌ Failed (Inspect)			Oct 28, 2023 0:54am

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
appium	1.22.3...2.0.0	shell	+97/-252	80.3 MB	jlipps

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue	Package	Version	Note	Source
Chronological version anomaly	minimatch	7.4.6	Previous Chronological: minimatch@8.0.4 (4/9/2023, 8:17:45 PM) Previous Semver: minimatch@7.4.5 (4/3/2023, 4:49:58 PM)	appium@2.0.0 via package.json
Chronological version anomaly	@types/lockfile	1.0.3	Previous Chronological: @types/lockfile@0.4.31 (7/6/2021, 10:11:12 PM) Previous Semver: @types/lockfile@1.0.2 (7/6/2021, 10:11:02 PM)	appium@2.0.0 via package.json
Chronological version anomaly	winston	3.9.0	Previous Chronological: winston@2.4.7 (11/15/2022, 4:45:44 PM) Previous Semver: winston@3.8.2 (9/7/2022, 4:21:55 PM)	appium@2.0.0 via package.json
Chronological version anomaly	@types/klaw	3.0.5	Previous Chronological: @types/klaw@1.3.7 (9/14/2023, 1:57:45 AM) Previous Semver: @types/klaw@3.0.4 (9/14/2023, 1:57:39 AM)	appium@2.0.0 via package.json
Chronological version anomaly	typescript	5.0.4	Previous Chronological: typescript@5.1.0-dev.20230407 (4/7/2023, 7:12:28 AM) Previous Semver: typescript@5.0.3 (3/30/2023, 8:51:58 PM)	appium@2.0.0 via package.json
Debug access	appium	2.0.0	Module: module Location: build/lib/utils.js +1 more instances...	package.json
Dynamic require	appium	2.0.0	Location: build/lib/extension/extension-config.js +5 more instances...	package.json
Environment variable access	appium	2.0.0	Env Vars: Location: build/lib/extension/extension-config.js +27 more instances...	package.json
Shell access	appium	2.0.0	Module: child_process Location: build/lib/cli/extension-command.js +1 more instances...	package.json
Debug access	ts-node	9.1.1	Module: module Location: dist-raw/node-esm-resolve-implementation.js +4 more instances...	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Dynamic require	ts-node	9.1.1	Location: dist/bin.js +8 more instances...	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Environment variable access	ts-node	9.1.1	Env Vars: Location: dist-raw/node-options.js +47 more instances...	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Filesystem access	ts-node	9.1.1	Module: fs Location: dist-raw/node-esm-resolve-implementation.js +3 more instances...	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Major refactor	ts-node	9.1.1	Change Percentage: 59.99 Current Line Count: 4836 Previous Line Count: 5920 Lines Changed: 6452	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Debug access	typedoc	0.23.28	Module: module Location: dist/lib/utils/options/readers/tsconfig.js +1 more instances...	appium@2.0.0 via package.json
Dynamic require	typedoc	0.23.28	Location: dist/lib/utils/options/readers/typedoc.js +3 more instances...	appium@2.0.0 via package.json
Filesystem access	typedoc	0.23.28	Module: fs Location: dist/lib/converter/plugins/PackagePlugin.js +10 more instances...	appium@2.0.0 via package.json
No v1	typedoc	0.23.28	Location: Package overview	appium@2.0.0 via package.json
Dynamic require	@appium/support	4.1.8	Location: build/lib/node.js +5 more instances...	appium@2.0.0 via package.json
Environment variable access	@appium/support	4.1.8	Env Vars: Location: build/lib/env.js +33 more instances...	appium@2.0.0 via package.json
Filesystem access	@appium/support	4.1.8	Module: fs Location: build/lib/fs.js +5 more instances...	appium@2.0.0 via package.json
Dynamic require	@appium/typedoc-plugin-appium	0.6.6	Location: build/lib/logger.js +5 more instances...	appium@2.0.0 via package.json
No v1	@appium/typedoc-plugin-appium	0.6.6	Location: Package overview	appium@2.0.0 via package.json
Dynamic require	consola	2.15.3	Location: dist/consola.js +1 more instances...	appium@2.0.0 via package.json
Environment variable access	consola	2.15.3	Env Vars: Location: dist/consola.js +17 more instances...	appium@2.0.0 via package.json
Filesystem access	consola	2.15.3	Module: fs Location: dist/consola.js +1 more instances...	appium@2.0.0 via package.json
Dynamic require	lunr	2.3.9	Location: test/env/chai.js +9 more instances...	appium@2.0.0 via package.json
Environment variable access	lunr	2.3.9	Env Vars: Location: test/env/mocha.js +8 more instances...	appium@2.0.0 via package.json
Filesystem access	lunr	2.3.9	Module: fs Location: perf/perf_helper.js +8 more instances...	appium@2.0.0 via package.json
Unmaintained	lunr	2.3.9	Last Publish: 8/19/2020, 8:30:07 PM	appium@2.0.0 via package.json
Dynamic require	make-error	1.3.6	Location: dist/make-error.js +1 more instances...	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Major refactor	make-error	1.3.6	Change Percentage: 64.27 Current Line Count: 179 Previous Line Count: 168 Lines Changed: 223	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Unmaintained	make-error	1.3.6	Last Publish: 2/19/2020, 9:34:36 AM	@testing-library/react-native@11.3.0, @wordpress/e2e-test-utils@9.4.0, @wordpress/e2e-tests@6.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-preset-default@10.8.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, appium@2.0.0, jest@27.4.5, jest-watch-typeahead@1.0.0, snapshot-diff@0.8.1 via package.json jest@27.4.5 via packages/e2e-test-utils/package.json @wordpress/e2e-test-utils@9.4.0, @wordpress/jest-console@6.10.0, @wordpress/jest-puppeteer-axe@5.10.0, @wordpress/scripts@25.4.0, jest@27.4.5 via packages/e2e-tests/package.json jest@27.4.5 via packages/jest-console/package.json @wordpress/jest-console@6.10.0, jest@27.4.5 via packages/jest-preset-default/package.json jest@27.4.5 via packages/jest-puppeteer-axe/package.json @wordpress/jest-preset-default@10.8.0, jest@27.4.5 via packages/scripts/package.json
Dynamic require	prebuild-install	7.1.1	Location: