[Snyk] Security upgrade lighthouse from 2.0.0 to 9.3.0

[heshamelmasry77]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • scripts/bench/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	556/1000 Why? Recently disclosed, Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: lighthouse

The new version differs by 250 commits.

• cad7442 v9.3.0 (Improve DX when combining react-dom/profiling and schedule/tracking facebook/react#13605)
• eba2a4d deps(lighthouse-stack-packs): upgrade to 1.7.0 (The use of "blacklist" is offensive! facebook/react#13604)
• 06aa3e2 i18n: import (Hydration warnings with DOM diff in react-reconciler (#10085) facebook/react#13602)
• e8d6e0f core(inspector-issues): add federatedAuthRequestIssue (Passing data to child components in ASP.NET Core + React facebook/react#13603)
• 2e13357 deps(snyk): update snyk snapshot (Remove injectComponentTree from unstable-native-dependencies, add EventPluginHub facebook/react#13598)
• faf5126 misc(build): remove empty devtools report resources (react-dom/profiling TypeError: Cannot read property 'current' of null facebook/react#13601)
• 9f365f0 core(preload-lcp-image): enable audit (Remove redundant work during mounting Indeterminate Component facebook/react#13599)
• 8670ea4 deps(yargs-parser): upgrade to 21.0.0 ([Schedule]Low priority updates block high priority updates facebook/react#13597)
• ad1231f deps(yargs): upgrade to 17.3.1 (Interaction tracking ref-counting bug fixes (WIP) facebook/react#13590)
• 26a0ee6 cli: remove update-notifier (Build schedule which is required for time slicing demo facebook/react#13588)
• d6493b5 tests: add snapshot tests for cli-flags.js (Kepp calling peformWork consistent facebook/react#13596)
• 54c6f50 clients(devtools): add FR runners to DevTools entry (Drop the year from Facebook copyright headers and the LICENSE file. facebook/react#13593)
• a3562c9 docs: update devtools panel throttling details (react-dom: "^16.4.0" (&& "16.4.2") PanResponder bug facebook/react#13504)
• f59499a core(inspector-issue): remove wasmCrossOriginModuleSharingIssue ([schedule] Nested callbacks and continuations facebook/react#13595)
• 62848fb tests(devtools): ensure WebSQL table is populated (Update ReactNativeViewConfigRegistry Flow Types facebook/react#13579)
• 82772f9 cli(asset-saver): end devtoolsLog with a newline (refactor: remove unnecessary judgment when check fragment props facebook/react#13566)
• 767036f core: ensure good and average scores start exactly at control points ("scheduler" package umbrella facebook/react#13559)
• a1df50a deps: update robots-parser to latest (React Fire Feature Flag facebook/react#13554)
• adb28ff core(inspector-issues): collect all issue types (Revert "Rely on bubbling for submit and reset events (#13358)" facebook/react#13462)
• ccbe8fc misc(build): set correct exit code when build scripts fail (React onChange events not bubbling up on unmount facebook/react#13459)
• 28176dd tests: tweak some CI job names for clarity (Renamed schedule UMD forwarding methods to stay in-sync with SECRET obj facebook/react#13549)
• ca4eab4 tests: split devtools ci into build, web-tests and smoke jobs (Document event bubble order facebook/react#13546)
• 67c1d13 core(runner): asset manager helper (Fixed typos facebook/react#13519)
• fd58e01 clients: use minimal 'url' polyfil instead of url-shim (Remove unused www scheduler fork facebook/react#13545)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Open Redirect