From 4a3edc3d2c1c24125f3faa73fb5adcdb73fb79bd Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 13 Jan 2022 12:44:40 +0000
Subject: [PATCH] fix: upgrade request-promise-native from 1.0.5 to 1.0.9

Snyk has created this PR to upgrade request-promise-native from 1.0.5 to 1.0.9.

See this package in npm:
https://www.npmjs.com/package/request-promise-native

See this project in Snyk:
https://app.snyk.io/org/sue.rocha/project/dfd7d55d-6944-425b-b2ba-1a17d937ad54?utm_source=github&utm_medium=referral&page=upgrade-pr
---
 script/vsts/package-lock.json | 27 +++++++++++++++++----------
 script/vsts/package.json      |  2 +-
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/script/vsts/package-lock.json b/script/vsts/package-lock.json
index 30c1dcc5b1d..13e41b8c6c2 100644
--- a/script/vsts/package-lock.json
+++ b/script/vsts/package-lock.json
@@ -2462,21 +2462,28 @@
       }
     },
     "request-promise-core": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.1.tgz",
-      "integrity": "sha1-Pu4AssWqgyOc+wTFcA2jb4HNCLY=",
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.4.tgz",
+      "integrity": "sha512-TTbAfBBRdWD7aNNOoVOBH4pN/KigV6LyapYNNlAPA8JwbovRti1E88m3sYAwsLi5ryhPKsE9APwnjFTgdUjTpw==",
       "requires": {
-        "lodash": "^4.13.1"
+        "lodash": "^4.17.19"
+      },
+      "dependencies": {
+        "lodash": {
+          "version": "4.17.21",
+          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+          "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
+        }
       }
     },
     "request-promise-native": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.5.tgz",
-      "integrity": "sha1-UoF3D2jgyXGeUWP9P6tIIhX0/aU=",
+      "version": "1.0.9",
+      "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.9.tgz",
+      "integrity": "sha512-wcW+sIUiWnKgNY0dqCpOZkUbF/I+YPi+f09JZIDa39Ec+q82CpSYniDp+ISgTTbKmnpJWASeJBPZmoxH84wt3g==",
       "requires": {
-        "request-promise-core": "1.1.1",
-        "stealthy-require": "^1.1.0",
-        "tough-cookie": ">=2.3.3"
+        "request-promise-core": "1.1.4",
+        "stealthy-require": "^1.1.1",
+        "tough-cookie": "^2.3.3"
       }
     },
     "require-directory": {
diff --git a/script/vsts/package.json b/script/vsts/package.json
index be99e5cba90..76ea613a7d1 100644
--- a/script/vsts/package.json
+++ b/script/vsts/package.json
@@ -9,7 +9,7 @@
     "pr-changelog": "^0.3.2",
     "publish-release": "^1.6.0",
     "request": "^2.87.0",
-    "request-promise-native": "^1.0.5",
+    "request-promise-native": "^1.0.9",
     "semver": "5.3.0",
     "yargs": "4.8.1"
   }