From 6cc9783612edecee84aad4280413edd6847ed750 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 13 Oct 2020 02:53:23 -0700
Subject: [PATCH] Bump archiver from 5.0.0 to 5.0.2 in /desktop (#1591)

Summary:
Bumps [archiver](https://github.com/archiverjs/node-archiver) from 5.0.0 to 5.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/archiverjs/node-archiver/releases">archiver's releases</a>.</em></p>
<blockquote>
<h2>5.0.2</h2>
<h2>Maintenance</h2>
<ul>
<li>Force bump tar-stream from 2.1.2 to 2.1.4 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/450">https://github.com/facebook/flipper/issues/450</a>)</li>
</ul>
<h2>5.0.1</h2>
<h2>Maintenance</h2>
<ul>
<li>Bump tar-stream from 2.1.3 to 2.1.4 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/448">https://github.com/facebook/flipper/issues/448</a>)</li>
<li>Update docs (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/441">https://github.com/facebook/flipper/issues/441</a>)</li>
<li>Bump mocha from 8.1.1 to 8.1.3 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/444">https://github.com/facebook/flipper/issues/444</a>)</li>
<li>Bump tar from 6.0.2 to 6.0.5 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/439">https://github.com/facebook/flipper/issues/439</a>)</li>
<li>Bump mocha from 8.1.0 to 8.1.1 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/437">https://github.com/facebook/flipper/issues/437</a>)</li>
<li>Bump actions/checkout from v2.3.1 to v2.3.2 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/438">https://github.com/facebook/flipper/issues/438</a>)</li>
<li>Bump mocha from 8.0.1 to 8.1.0 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/436">https://github.com/facebook/flipper/issues/436</a>)</li>
<li>Bump actions/setup-node from v2.1.0 to v2.1.1 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/432">https://github.com/facebook/flipper/issues/432</a>)</li>
<li>Bump jsdoc from 3.6.4 to 3.6.5 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/434">https://github.com/facebook/flipper/issues/434</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/archiverjs/node-archiver/commit/e34d0a39dd636509687277a2ba8dae3be49dd954"><code>e34d0a3</code></a> bump version for release</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/5c1ba713dfadc28ae2bd5219611beb99c8641da2"><code>5c1ba71</code></a> Force bump tar-stream from 2.1.2 to 2.1.4 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/450">https://github.com/facebook/flipper/issues/450</a>)</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/cef1ac966e231834d6c1f083ee50698b133d17cb"><code>cef1ac9</code></a> bump version for release</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/34375b574c1da65f1b7e35c2bc3190b824b41c4b"><code>34375b5</code></a> Update release-drafter.yml</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/e3ec39bacb5ce8178af7d935ba374cdf73f7488a"><code>e3ec39b</code></a> Bump tar-stream from 2.1.3 to 2.1.4 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/448">https://github.com/facebook/flipper/issues/448</a>)</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/209b2f6fe53c3d4584970eff681a632f7e60399d"><code>209b2f6</code></a> Update dependabot.yml</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/cb02bf19636b5f964dee45082923973dce6c6c1e"><code>cb02bf1</code></a> Update docs (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/441">https://github.com/facebook/flipper/issues/441</a>)</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/4eba7ae0fddc880e7398d5f246e0dc8a97617d1c"><code>4eba7ae</code></a> Bump mocha from 8.1.1 to 8.1.3 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/444">https://github.com/facebook/flipper/issues/444</a>)</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/ebe5593f9d585a9b594e0427c1e09d6f27ba7265"><code>ebe5593</code></a> Update release-drafter.yml</li>
<li><a href="https://github.com/archiverjs/node-archiver/commit/b7328ba42decd83e0201010ae2b9f8152388292a"><code>b7328ba</code></a> Bump tar from 6.0.2 to 6.0.5 (<a href="https://github-redirect.dependabot.com/archiverjs/node-archiver/issues/439">https://github.com/facebook/flipper/issues/439</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/archiverjs/node-archiver/compare/5.0.0...5.0.2">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=archiver&package-manager=npm_and_yarn&previous-version=5.0.0&new-version=5.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

 ---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Pull Request resolved: https://github.com/facebook/flipper/pull/1591

Reviewed By: mweststrate

Differential Revision: D24250411

Pulled By: nikoant

fbshipit-source-id: e94e4ea3a002da2e8f83aaa6ff5d9cc07efb3896
---
 desktop/app/package.json |  2 +-
 desktop/yarn.lock        | 22 +++++++++++-----------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/desktop/app/package.json b/desktop/app/package.json
index 8b540802b..858f2447d 100644
--- a/desktop/app/package.json
+++ b/desktop/app/package.json
@@ -20,7 +20,7 @@
     "adbkit": "^2.11.1",
     "adbkit-logcat": "^2.0.1",
     "antd": "^4.6.6",
-    "archiver": "^5.0.0",
+    "archiver": "^5.0.2",
     "async-mutex": "^0.1.3",
     "axios": "^0.20.0",
     "console-feed": "^3.0.1",
diff --git a/desktop/yarn.lock b/desktop/yarn.lock
index 0fb37c8f0..961c26bc2 100644
--- a/desktop/yarn.lock
+++ b/desktop/yarn.lock
@@ -3240,17 +3240,17 @@ archiver-utils@^2.1.0:
     normalize-path "^3.0.0"
     readable-stream "^2.0.0"
 
-archiver@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/archiver/-/archiver-5.0.0.tgz#b1e7dc075a4e18e0aa59afdd7c3e5f3d3321cbeb"
-  integrity sha512-AEWhJz6Yi6hWtN1Sqy/H4sZo/lLMJ/NftXxGaDy/TnOMmmjsRaZc/Ts+U4BsPoBQkuunTN6t8hk7iU9A+HBxLw==
+archiver@^5.0.2:
+  version "5.0.2"
+  resolved "https://registry.yarnpkg.com/archiver/-/archiver-5.0.2.tgz#b2c435823499b1f46eb07aa18e7bcb332f6ca3fc"
+  integrity sha512-Tq3yV/T4wxBsD2Wign8W9VQKhaUxzzRmjEiSoOK0SLqPgDP/N1TKdYyBeIEu56T4I9iO4fKTTR0mN9NWkBA0sg==
   dependencies:
     archiver-utils "^2.1.0"
     async "^3.2.0"
     buffer-crc32 "^0.2.1"
     readable-stream "^3.6.0"
     readdir-glob "^1.0.0"
-    tar-stream "^2.1.2"
+    tar-stream "^2.1.4"
     zip-stream "^4.0.0"
 
 archiver@~2.1.0:
@@ -3742,7 +3742,7 @@ better-assert@~1.0.0:
   dependencies:
     callsite "1.0.0"
 
-bl@4.0.3, bl@^1.0.0, bl@^4.0.1:
+bl@4.0.3, bl@^1.0.0, bl@^4.0.3:
   version "4.0.3"
   resolved "https://registry.yarnpkg.com/bl/-/bl-4.0.3.tgz#12d6287adc29080e22a705e5764b2a9522cdc489"
   integrity sha512-fs4G6/Hu4/EE+F75J8DuN/0IpQqNjAdC7aEQv7Qt8MHGUH7Ckv2MwTEEeN9QehD0pfIDkMI1bkHYkKy7xHyKIg==
@@ -12484,12 +12484,12 @@ tar-stream@^1.5.0, tar-stream@^1.5.2:
     to-buffer "^1.1.1"
     xtend "^4.0.0"
 
-tar-stream@^2.0.0, tar-stream@^2.1.2:
-  version "2.1.3"
-  resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-2.1.3.tgz#1e2022559221b7866161660f118255e20fa79e41"
-  integrity sha512-Z9yri56Dih8IaK8gncVPx4Wqt86NDmQTSh49XLZgjWpGZL9GK9HKParS2scqHCC4w6X9Gh2jwaU45V47XTKwVA==
+tar-stream@^2.0.0, tar-stream@^2.1.4:
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-2.1.4.tgz#c4fb1a11eb0da29b893a5b25476397ba2d053bfa"
+  integrity sha512-o3pS2zlG4gxr67GmFYBLlq+dM8gyRGUOvsrHclSkvtVtQbjV0s/+ZE8OpICbaj8clrX3tjeHngYGP7rweaBnuw==
   dependencies:
-    bl "^4.0.1"
+    bl "^4.0.3"
     end-of-stream "^1.4.1"
     fs-constants "^1.0.0"
     inherits "^2.0.3"