From 13404df2679461282e35ee7a27da1435a57341d4 Mon Sep 17 00:00:00 2001
From: Joe Previte <jjprevite@gmail.com>
Date: Wed, 3 Nov 2021 14:09:31 -0700
Subject: [PATCH] chore(deps): fix issues identified by audit-ci (#4438)

* fix(deps): ansi-regex issue

* fix(deps): upgrade tar to safe version

* chore(deps): fix vm2 issue

* fix(ci): increase timeout for audit-ci to 15
---
 .github/workflows/ci.yaml | 2 +-
 package.json              | 5 +++--
 yarn.lock                 | 2 +-
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 60a44a5d..5c5e91fb 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -60,7 +60,7 @@ jobs:
     name: Run audit-ci
     needs: prebuild
     runs-on: ubuntu-latest
-    timeout-minutes: 5
+    timeout-minutes: 15
     steps:
       - name: Checkout repo
         uses: actions/checkout@v2
diff --git a/package.json b/package.json
index ec4882bf..7babaa8e 100644
--- a/package.json
+++ b/package.json
@@ -75,8 +75,9 @@
     "browserslist": "^4.16.5",
     "safe-buffer": "^5.1.1",
     "vfile-message": "^2.0.2",
-    "argon2/@mapbox/node-pre-gyp/tar": "^6.1.9",
-    "path-parse": "^1.0.7"
+    "tar": "^6.1.9",
+    "path-parse": "^1.0.7",
+    "vm2": "^3.9.4"
   },
   "dependencies": {
     "@coder/logger": "1.1.16",
diff --git a/yarn.lock b/yarn.lock
index 410eb941..3015bb9a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4534,7 +4534,7 @@ vfile@^4.0.0:
     unist-util-stringify-position "^2.0.0"
     vfile-message "^2.0.0"
 
-vm2@^3.9.3:
+vm2@^3.9.3, vm2@^3.9.4:
   version "3.9.5"
   resolved "https://registry.yarnpkg.com/vm2/-/vm2-3.9.5.tgz#5288044860b4bbace443101fcd3bddb2a0aa2496"
   integrity sha512-LuCAHZN75H9tdrAiLFf030oW7nJV5xwNMuk1ymOZwopmuK3d2H4L1Kv4+GFHgarKiLfXXLFU+7LDABHnwOkWng==
-- 
GitLab