From 050582a47575f1ff3be8c4a58ff59f4b09cb79e9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 8 Apr 2021 08:27:50 -0700
Subject: [PATCH] Bump yargs-parser from 5.0.0 to 5.0.1 in
 /packages/flow-upgrade

Summary:
Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 5.0.0 to 5.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/yargs/yargs-parser/releases">yargs-parser's releases</a>.</em></p>
<blockquote>
<h2>yargs-parser v5.0.1</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> address GHSA-p9pc-299p-vxgp (<a href="https://www.github.com/yargs/yargs-parser/issues/362">https://github.com/facebook/flow/issues/362</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36">1c417bd</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/yargs/yargs-parser/blob/v5.0.1/CHANGELOG.md">yargs-parser's changelog</a>.</em></p>
<blockquote>
<h1><a href="https://github.com/yargs/yargs-parser/compare/v4.2.1...v5.0.0">5.0.0</a> (2017-02-18)</h1>
<h3>Bug Fixes</h3>
<ul>
<li>environment variables should take precedence over config file (<a href="https://github.com/yargs/yargs-parser/issues/81">https://github.com/facebook/flow/issues/81</a>) (<a href="https://github.com/yargs/yargs-parser/commit/76cee1f">76cee1f</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<ul>
<li>environment variables will now override config files (args, env, config-file, config-object)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h3><a href="https://www.github.com/yargs/yargs-parser/compare/v5.0.0...v5.0.1">5.0.1</a> (2021-03-10)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> address GHSA-p9pc-299p-vxgp (<a href="https://www.github.com/yargs/yargs-parser/issues/362">https://github.com/facebook/flow/issues/362</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36">1c417bd</a>)</li>
</ul>
<h2><a href="https://github.com/yargs/yargs-parser/compare/v4.2.0...v4.2.1">4.2.1</a> (2017-01-02)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>flatten/duplicate regression (<a href="https://github.com/yargs/yargs-parser/issues/75">https://github.com/facebook/flow/issues/75</a>) (<a href="https://github.com/yargs/yargs-parser/commit/68d68a0">68d68a0</a>)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h1><a href="https://github.com/yargs/yargs-parser/compare/v4.1.0...v4.2.0">4.2.0</a> (2016-12-01)</h1>
<h3>Bug Fixes</h3>
<ul>
<li>inner objects in configs had their keys appended to top-level key when dot-notation was disabled (<a href="https://github.com/yargs/yargs-parser/issues/72">https://github.com/facebook/flow/issues/72</a>) (<a href="https://github.com/yargs/yargs-parser/commit/0b1b5f9">0b1b5f9</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>allow multiple arrays to be provided, rather than always combining (<a href="https://github.com/yargs/yargs-parser/issues/71">https://github.com/facebook/flow/issues/71</a>) (<a href="https://github.com/yargs/yargs-parser/commit/0f0fb2d">0f0fb2d</a>)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h1><a href="https://github.com/yargs/yargs-parser/compare/v4.0.2...v4.1.0">4.1.0</a> (2016-11-07)</h1>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/yargs/yargs-parser/commit/eab6c039888bd5d51f33dda7a98808564acfa938"><code>eab6c03</code></a> chore: release 5.0.1 (<a href="https://github.com/yargs/yargs-parser/issues/363">https://github.com/facebook/flow/issues/363</a>)</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36"><code>1c417bd</code></a> fix(security): address GHSA-p9pc-299p-vxgp (<a href="https://github.com/yargs/yargs-parser/issues/362">https://github.com/facebook/flow/issues/362</a>)</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/e93a345e1e585ba5df97c1da438673e7f2e8909b"><code>e93a345</code></a> chore: mark release in commit history (<a href="https://github.com/yargs/yargs-parser/issues/361">https://github.com/facebook/flow/issues/361</a>)</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/ee15863f7c62418c4fc92b64c3488778c46833dc"><code>ee15863</code></a> chore: push new package version</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/47742078426f0e4e02aa988062b5fb0fa61182b9"><code>4774207</code></a> fix: back-porting prototype fixes for <em>really</em> old version (<a href="https://github.com/yargs/yargs-parser/issues/271">https://github.com/facebook/flow/issues/271</a>)</li>
<li>See full diff in <a href="https://github.com/yargs/yargs-parser/compare/v5.0.0...v5.0.1">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~oss-bot">oss-bot</a>, a new releaser for yargs-parser since your current version.</p>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=yargs-parser&package-manager=npm_and_yarn&previous-version=5.0.0&new-version=5.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

 ---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/flow/network/alerts).

</details>

Pull Request resolved: https://github.com/facebook/flow/pull/8614

Reviewed By: panagosg7

Differential Revision: D27566668

Pulled By: mroch

fbshipit-source-id: a30210adfd27975cca37d89fc144c05a6d2285a1
---
 packages/flow-upgrade/yarn.lock | 57 ++++++++++++++++++++++++---------
 1 file changed, 41 insertions(+), 16 deletions(-)

diff --git a/packages/flow-upgrade/yarn.lock b/packages/flow-upgrade/yarn.lock
index c5c470d1005..1eed1b1a39f 100644
--- a/packages/flow-upgrade/yarn.lock
+++ b/packages/flow-upgrade/yarn.lock
@@ -1567,6 +1567,14 @@ cache-base@^1.0.1:
     union-value "^1.0.0"
     unset-value "^1.0.0"
 
+call-bind@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.2.tgz#b1d4e89e688119c3c9a903ad30abb2f6a919be3c"
+  integrity sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==
+  dependencies:
+    function-bind "^1.1.1"
+    get-intrinsic "^1.0.2"
+
 callsites@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/callsites/-/callsites-2.0.0.tgz#06eb84f00eea413da86affefacbffb36093b3c50"
@@ -1862,7 +1870,7 @@ default-require-extensions@^1.0.0:
   dependencies:
     strip-bom "^2.0.0"
 
-define-properties@^1.1.2:
+define-properties@^1.1.3:
   version "1.1.3"
   resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.3.tgz#cf88da6cbee26fe6db7094f61d870cbd84cee9f1"
   integrity sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==
@@ -2283,6 +2291,15 @@ get-caller-file@^1.0.1:
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-1.0.3.tgz#f978fa4c90d1dfe7ff2d6beda2a515e713bdcf4a"
   integrity sha512-3t6rVToeoZfYSGd8YoLFR2DJkiQrIiUrGcjvFX2mDw3bn6k2OtwHN0TNCLbBO+w8qTvimhDkv+LSscbJY1vE6w==
 
+get-intrinsic@^1.0.2:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.1.1.tgz#15f59f376f855c446963948f0d24cd3637b4abc6"
+  integrity sha512-kWZrnVM42QCiEA2Ig1bG8zjoIMOgxWwYCEeNdwY6Tv/cOSeGpcoX4pXHfKUxNKVoArnrEr2e9srnAxxGIraS9Q==
+  dependencies:
+    function-bind "^1.1.1"
+    has "^1.0.3"
+    has-symbols "^1.0.1"
+
 get-stream@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-3.0.0.tgz#8e943d1358dc37555054ecbe2edb05aa174ede14"
@@ -2394,10 +2411,10 @@ has-flag@^3.0.0:
   resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-3.0.0.tgz#b5d454dc2199ae225699f3467e5a07f3b955bafd"
   integrity sha1-tdRU3CGZriJWmfNGfloH87lVuv0=
 
-has-symbols@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.0.tgz#ba1a8f1af2a0fc39650f5c850367704122063b44"
-  integrity sha1-uhqPGvKg/DllD1yFA2dwQSIGO0Q=
+has-symbols@^1.0.1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.2.tgz#165d3070c00309752a1236a479331e3ac56f1423"
+  integrity sha512-chXa79rL/UC2KlX17jo3vRGz0azaWEx5tGqZg5pO3NUyEJVB17dMruQlzCCOfUvElghKcm5194+BCRvi2Rv/Gw==
 
 has-unicode@^2.0.0:
   version "2.0.1"
@@ -2435,6 +2452,13 @@ has-values@^1.0.0:
     is-number "^3.0.0"
     kind-of "^4.0.0"
 
+has@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
+  integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==
+  dependencies:
+    function-bind "^1.1.1"
+
 home-or-tmp@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/home-or-tmp/-/home-or-tmp-2.0.0.tgz#e36c3f2d2cae7d746a857e38d18d5f32a7882db8"
@@ -3656,7 +3680,7 @@ object-copy@^0.1.0:
     define-property "^0.2.5"
     kind-of "^3.0.3"
 
-object-keys@^1.0.11, object-keys@^1.0.12:
+object-keys@^1.0.12, object-keys@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e"
   integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==
@@ -3669,14 +3693,14 @@ object-visit@^1.0.0:
     isobject "^3.0.0"
 
 object.assign@^4.1.0:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.0.tgz#968bf1100d7956bb3ca086f006f846b3bc4008da"
-  integrity sha512-exHJeq6kBKj58mqGyTQ9DFvrZC/eR6OwxzoM9YRoGBqrXYonaFyGiFMuc9VZrXf7DarreEwMpurG3dd+CNyW5w==
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.2.tgz#0ed54a342eceb37b38ff76eb831a0e788cb63940"
+  integrity sha512-ixT2L5THXsApyiUPYKmW+2EHpXXe5Ii3M+f4e+aJFAHao5amFRW6J0OO6c/LU8Be47utCx2GL89hxGB6XSmKuQ==
   dependencies:
-    define-properties "^1.1.2"
-    function-bind "^1.1.1"
-    has-symbols "^1.0.0"
-    object-keys "^1.0.11"
+    call-bind "^1.0.0"
+    define-properties "^1.1.3"
+    has-symbols "^1.0.1"
+    object-keys "^1.1.1"
 
 object.omit@^2.0.0:
   version "2.0.1"
@@ -5053,11 +5077,12 @@ yallist@^3.0.0, yallist@^3.0.3:
   integrity sha512-S+Zk8DEWE6oKpV+vI3qWkaK+jSbIK86pCwe2IF/xwIpQ8jEuxpw9NyaGjmp9+BoJv5FV2piqCDcoCtStppiq2A==
 
 yargs-parser@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-5.0.0.tgz#275ecf0d7ffe05c77e64e7c86e4cd94bf0e1228a"
-  integrity sha1-J17PDX/+Bcd+ZOfIbkzZS/DhIoo=
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-5.0.1.tgz#7ede329c1d8cdbbe209bd25cdb990e9b1ebbb394"
+  integrity sha512-wpav5XYiddjXxirPoCTUPbqM0PXvJ9hiBMvuJgInvo4/lAOTZzUprArw17q2O1P2+GHhbBr18/iQwjL5Z9BqfA==
   dependencies:
     camelcase "^3.0.0"
+    object.assign "^4.1.0"
 
 yargs-parser@^7.0.0:
   version "7.0.0"