From 44a47ca7f167bcf58a701a0cb81b5abed8c4a67d Mon Sep 17 00:00:00 2001
From: Steven <steven.fountain@digital.cabinet-office.gov.uk>
Date: Sun, 7 Feb 2021 14:46:04 +0000
Subject: [PATCH] BAU: npm audit force patched node-fetch version

`node-fetch` has been fixed at <= 2.6.0 in the `@nivo` libraries, there
is a tracked removal of these deprecated methods
https://github.com/plouc/nivo/issues/884.

This has been ongoing for roughly a year and looks like it won't be
patched in all the dependent modules (nivo/line) for a while.

The only parts of this app that use nivo/ react is the live payments
dashboard, the proposal is to split this out into its own component
repository as these kind of issues shouldn't reuqire maintenance for Pay
backend devs.

In the meantime none of the nivo components for the live payments
dashboard use asynchronous loading, as this is never used it is safe to
patch out the library failing npm audit (node fetch) until these
dependencies are moved over to a separate component repository and
handled and tracked over there.
---
 package-lock.json | 29 +++++++++--------------------
 1 file changed, 9 insertions(+), 20 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index ac5bf3565..ee8c9f0e8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6513,7 +6513,7 @@
       "integrity": "sha1-YRrhrPFPXoH3KVB0coGf6XM1WKk=",
       "dev": true,
       "dependencies": {
-        "node-fetch": "^1.0.1",
+        "node-fetch": "2.6.1",
         "whatwg-fetch": ">=0.10.0"
       }
     },
@@ -7664,14 +7664,9 @@
       }
     },
     "node_modules/node-fetch": {
-      "version": "1.7.3",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-1.7.3.tgz",
-      "integrity": "sha512-NhZ4CsKx7cYm2vSrBAr2PvFOe6sWDf0UYLRqA6svUYg7+/TSfVAu49jYC4BvQ4Sms9SZgdqGBgroqfDhJdTyKQ==",
-      "dev": true,
-      "dependencies": {
-        "encoding": "^0.1.11",
-        "is-stream": "^1.0.1"
-      }
+      "version": "2.6.1",
+      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz",
+      "dev": true
     },
     "node_modules/node-gyp": {
       "version": "3.8.0",
@@ -16102,8 +16097,7 @@
       "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k="
     },
     "encoding": {
-      "version": "0.1.13",
-      "resolved": "https://registry.npmjs.org/encoding/-/encoding-0.1.13.tgz",
+      "version": "https://registry.npmjs.org/encoding/-/encoding-0.1.13.tgz",
       "integrity": "sha512-ETBauow1T35Y/WZMkio9jiM0Z5xjHHmJ4XmjZOq1l/dXz3lr2sRn87nJy20RupqSh1F2m3HHPSp8ShIPQJrJ3A==",
       "dev": true,
       "requires": {
@@ -18342,7 +18336,7 @@
       "integrity": "sha1-YRrhrPFPXoH3KVB0coGf6XM1WKk=",
       "dev": true,
       "requires": {
-        "node-fetch": "^1.0.1",
+        "node-fetch": "2.6.1",
         "whatwg-fetch": ">=0.10.0"
       }
     },
@@ -19307,14 +19301,9 @@
       }
     },
     "node-fetch": {
-      "version": "1.7.3",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-1.7.3.tgz",
-      "integrity": "sha512-NhZ4CsKx7cYm2vSrBAr2PvFOe6sWDf0UYLRqA6svUYg7+/TSfVAu49jYC4BvQ4Sms9SZgdqGBgroqfDhJdTyKQ==",
-      "dev": true,
-      "requires": {
-        "encoding": "^0.1.11",
-        "is-stream": "^1.0.1"
-      }
+      "version": "2.6.1",
+      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz",
+      "dev": true
     },
     "node-gyp": {
       "version": "3.8.0",