From 2111281d17886f43f91ac440df1a908cf745dea4 Mon Sep 17 00:00:00 2001
From: Arnaud Besnier <arnaudibesnier@gmail.com>
Date: Thu, 5 Sep 2024 19:30:44 +0200
Subject: [PATCH] fix(security): patch micromatch dependency vulnerabilities
 (#1120)

* fix(security): patch micromatch dependency vulnerabilities

* chore(test): fix tests

* chore: revert a change

* chore(test): fix tests
---
 .github/workflows/build.yml |  2 +-
 docker-compose.yml          | 80 +++++++++++++++++++------------------
 yarn.lock                   | 10 ++---
 3 files changed, 47 insertions(+), 45 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 778fa833..dc2484ad 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -48,7 +48,7 @@ jobs:
       - name: Login on dockerhub
         run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
       - name: Start docker container
-        run: docker-compose up -d; sleep 20
+        run: docker compose up -d; sleep 20
       - name: Send coverage
         uses: paambaati/codeclimate-action@v2.7.4
         env:
diff --git a/docker-compose.yml b/docker-compose.yml
index 011740d6..39daf4eb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,42 +1,44 @@
-postgres:
-  image: postgres:12.19
-  container_name: forest_express_sequelize_postgres
-  ports:
-    - '5437:5432'
-  environment:
-    - POSTGRES_DB=forest-express-sequelize-test
-    - POSTGRES_USER=forest
-    - POSTGRES_PASSWORD=secret
+version: '2'
+services:
+  postgres:
+    image: postgres:12.19
+    container_name: forest_express_sequelize_postgres
+    ports:
+      - '5437:5432'
+    environment:
+      - POSTGRES_DB=forest-express-sequelize-test
+      - POSTGRES_USER=forest
+      - POSTGRES_PASSWORD=secret
 
-mysql_min:
-  image: mysql:5.6
-  container_name: forest_express_sequelize_mysql_min
-  environment:
-    MYSQL_ROOT_PASSWORD: secret
-    MYSQL_DATABASE: forest-express-sequelize-test
-    MYSQL_USER: forest
-    MYSQL_PASSWORD: secret
-  ports:
-    - '8998:3306'
+  mysql_min:
+    image: mysql:5.6
+    container_name: forest_express_sequelize_mysql_min
+    environment:
+      MYSQL_ROOT_PASSWORD: secret
+      MYSQL_DATABASE: forest-express-sequelize-test
+      MYSQL_USER: forest
+      MYSQL_PASSWORD: secret
+    ports:
+      - '8998:3306'
 
-mysql_max:
-  image: mysql:8.0
-  container_name: forest_express_sequelize_mysql_max
-  environment:
-    MYSQL_ROOT_PASSWORD: secret
-    MYSQL_DATABASE: forest-express-sequelize-test
-    MYSQL_USER: forest
-    MYSQL_PASSWORD: secret
-  ports:
-    - '8999:3306'
+  mysql_max:
+    image: mysql:8.0
+    container_name: forest_express_sequelize_mysql_max
+    environment:
+      MYSQL_ROOT_PASSWORD: secret
+      MYSQL_DATABASE: forest-express-sequelize-test
+      MYSQL_USER: forest
+      MYSQL_PASSWORD: secret
+    ports:
+      - '8999:3306'
 
-maria_db:
-  image: mariadb:10
-  container_name: forest_express_sequelize_mariadb
-  environment:
-    MYSQL_ROOT_PASSWORD: secret
-    MYSQL_DATABASE: forest-express-sequelize-test
-    MYSQL_USER: forest
-    MYSQL_PASSWORD: secret
-  ports:
-    - '9000:3306'
+  maria_db:
+    image: mariadb:10
+    container_name: forest_express_sequelize_mariadb
+    environment:
+      MYSQL_ROOT_PASSWORD: secret
+      MYSQL_DATABASE: forest-express-sequelize-test
+      MYSQL_USER: forest
+      MYSQL_PASSWORD: secret
+    ports:
+      - '9000:3306'
diff --git a/yarn.lock b/yarn.lock
index 59e68886..b4181231 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3481,7 +3481,7 @@ brace-expansion@^2.0.1:
   dependencies:
     balanced-match "^1.0.0"
 
-braces@^3.0.1, braces@^3.0.2, braces@~3.0.2:
+braces@^3.0.1, braces@^3.0.3, braces@~3.0.2:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789"
   integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==
@@ -7609,11 +7609,11 @@ micromatch@4.0.2:
     picomatch "^2.0.5"
 
 micromatch@^4.0.0, micromatch@^4.0.2, micromatch@^4.0.4:
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.5.tgz#bc8999a7cbbf77cdc89f132f6e467051b49090c6"
-  integrity sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==
+  version "4.0.8"
+  resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.8.tgz#d66fa18f3a47076789320b9b1af32bd86d9fa202"
+  integrity sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==
   dependencies:
-    braces "^3.0.2"
+    braces "^3.0.3"
     picomatch "^2.3.1"
 
 mime-db@1.52.0: