From 930a844449ca57f8344f39b4e040eae195a5cfc2 Mon Sep 17 00:00:00 2001
From: Victoria Hall
Date: Wed, 4 Dec 2024 14:51:58 -0600
Subject: [PATCH 1/2] run vulnerability scan + testing
---
 azure-pipelines/templates/build.yml | 2 ++
 package-lock.json | 14 +++++++-------
 package.json | 2 +-
 3 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/azure-pipelines/templates/build.yml b/azure-pipelines/templates/build.yml
index 63dd49b..2b8a464 100644
--- a/azure-pipelines/templates/build.yml
+++ b/azure-pipelines/templates/build.yml
@@ -16,6 +16,8 @@ jobs:
 displayName: 'Install Node.js'
 - script: npm ci
 displayName: 'npm ci'
+ - script: npm audit --production
+ displayName: 'Run vulnerability scan'
 - script: npm run updateVersion -- --buildNumber $(Build.BuildNumber)
 displayName: 'npm run updateVersion'
 condition: and(succeeded(), eq(${{ parameters.IsPrerelease }}, true))
diff --git a/package-lock.json b/package-lock.json
index cbf262e..2389689 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
 "version": "4.6.0",
 "license": "MIT",
 "dependencies": {
- "cookie": "^0.7.0",
+ "cookie": "^0.6.0",
 "long": "^4.0.0",
 "undici": "^5.13.0"
 },
@@ -1417,9 +1417,9 @@
 "dev": true
 },
 "node_modules/cookie": {
- "version": "0.7.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.0.tgz",
- "integrity": "sha512-qCf+V4dtlNhSRXGAZatc1TasyFO6GjohcOul807YOb5ik3+kQSnb4d7iajeCL8QHaJ4uZEjCgiCJerKXwdRVlQ==",
+ "version": "0.6.0",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+ "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
 "engines": {
 "node": ">= 0.6"
 }
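Review bot: The added `npm audit --production` step in build.yml leaves its failure threshold implicit and uses a flag that recent npm releases report as deprecated in favour of `--omit=dev`. With no `--audit-level`, an advisory of any severity in a production dependency fails the step as soon as it is published, so the threshold should be a deliberate, visible choice, for example `- script: npm audit --omit=dev --audit-level=high`. The scan also excludes devDependencies, which presumably include the build tooling that still runs on the agent; a comment such as `# production deps only; dev tooling is not audited here` would make that scope explicit. The steps list starts and ends outside the hunk, so the Node.js/npm version in use is not visible here and should be checked for `--omit` support.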
@@ -6672,9 +6672,9 @@
 "dev": true
 },
 "cookie": {
- "version": "0.7.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.0.tgz",
- "integrity": "sha512-qCf+V4dtlNhSRXGAZatc1TasyFO6GjohcOul807YOb5ik3+kQSnb4d7iajeCL8QHaJ4uZEjCgiCJerKXwdRVlQ=="
+ "version": "0.6.0",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+ "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
 },
 "cosmiconfig": {
 "version": "7.0.1",
diff --git a/package.json b/package.json
index 8c3efee..39cd89c 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,7 @@
 "watch": "webpack --watch --mode development"
 },
 "dependencies": {
- "cookie": "^0.7.0",
+ "cookie": "^0.6.0",
 "long": "^4.0.0",
 "undici": "^5.13.0"
 },
From d5801f1713d05503284fafbb42a0050640d67441 Mon Sep 17 00:00:00 2001
From: Victoria Hall
Date: Wed, 4 Dec 2024 14:58:07 -0600
Subject: [PATCH 2/2] revert npm audit test
---
 package-lock.json | 14 +++++++-------
 package.json | 2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 2389689..cbf262e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
 "version": "4.6.0",
 "license": "MIT",
 "dependencies": {
- "cookie": "^0.6.0",
+ "cookie": "^0.7.0",
 "long": "^4.0.0",
 "undici": "^5.13.0"
 },
@@ -1417,9 +1417,9 @@
 "dev": true
 },
 "node_modules/cookie": {
- "version": "0.6.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
- "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+ "version": "0.7.0",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.0.tgz",
+ "integrity": "sha512-qCf+V4dtlNhSRXGAZatc1TasyFO6GjohcOul807YOb5ik3+kQSnb4d7iajeCL8QHaJ4uZEjCgiCJerKXwdRVlQ==",
 "engines": {
 "node": ">= 0.6"
 }
@@ -6672,9 +6672,9 @@
 "dev": true
 },
 "cookie": {
- "version": "0.6.0",
- "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
- "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
+ "version": "0.7.0",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.0.tgz",
+ "integrity": "sha512-qCf+V4dtlNhSRXGAZatc1TasyFO6GjohcOul807YOb5ik3+kQSnb4d7iajeCL8QHaJ4uZEjCgiCJerKXwdRVlQ=="
 },
 "cosmiconfig": {
 "version": "7.0.1",
diff --git a/package.json b/package.json
index 39cd89c..8c3efee 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,7 @@
 "watch": "webpack --watch --mode development"
 },
 "dependencies": {
- "cookie": "^0.6.0",
+ "cookie": "^0.7.0",
 "long": "^4.0.0",
 "undici": "^5.13.0"
 },