chore: Drop snyk (#19245)

We use dependabot mainly instead of snyk

[skip ci]

.github/workflows/ui-tests.yml

@@ -123,7 +123,6 @@ jobs:
       - name: Verify yarn.lock
         run: |
           cd ~/frappe-bench/apps/frappe
-          yarn install --immutable --immutable-cache --check-cache
           git diff --exit-code yarn.lock
 
       - name: Instrument Source Code

.snyk

@@ -1,101 +0,0 @@
-# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.19.0
-# ignores vulnerabilities until expiry date; change duration by modifying expiry date
-ignore:
-  SNYK-JS-AWESOMPLETE-174474:
-    - awesomplete:
-        reason: No patch available
-        expires: '2019-06-11T14:12:04.995Z'
-  'npm:mem:20180117':
-    - showdown > yargs > os-locale > mem:
-        reason: No patch available
-        expires: '2019-06-11T14:12:04.995Z'
-  SNYK-PYTHON-PYYAML-550022:
-    - '*':
-        reason: Project is not directly dependant on the package
-        expires: 2021-04-01T18:02:21.256Z
-# patches apply the minimum changes required to fix a vulnerability
-patch:
-  'npm:extend:20180424':
-    - superagent > extend:
-        patched: '2019-05-09T10:14:19.246Z'
-  SNYK-JS-LODASH-450202:
-    - frappe-datatable > lodash:
-        patched: '2020-01-31T01:33:09.889Z'
-  SNYK-JS-LODASH-567746:
-    - frappe-datatable > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - quagga > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - tailwindcss > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - '@tailwindcss/ui > @tailwindcss/custom-forms > lodash':
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > @snyk/dep-graph > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > inquirer > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-config > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-mvn-plugin > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-nodejs-lockfile-parser > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-nuget-plugin > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-go-plugin > graphlib > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-nuget-plugin > dotnet-deps-parser > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/ruby-semver > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-04-30T23:02:32.330Z'
-    - quill-image-resize > lodash:
-        patched: '2020-08-24T23:06:37.710Z'
-    - node-sass > lodash:
-        patched: '2020-09-15T23:06:41.931Z'
-    - node-sass > sass-graph > lodash:
-        patched: '2020-09-15T23:06:41.931Z'
-    - node-sass > gaze > globule > lodash:
-        patched: '2020-09-15T23:06:41.931Z'
-    - snyk > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-cpp-plugin > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-go-plugin > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-gradle-plugin > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-docker-plugin > snyk-nodejs-lockfile-parser > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-php-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-gradle-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-mvn-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > @snyk/dep-graph > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'
-    - snyk > snyk-go-plugin > graphlib > lodash:
-        patched: '2020-09-16T23:06:38.881Z'

package.json

@@ -4,7 +4,6 @@
     "build": "node esbuild",
     "production": "node esbuild --production",
     "watch": "node esbuild --watch",
-    "snyk-protect": "snyk protect",
     "coverage:report": "npx nyc report --reporter=clover"
   },
   "repository": {
@@ -23,8 +22,8 @@
   "dependencies": {
     "@editorjs/editorjs": "2.20.0",
     "@frappe/esbuild-plugin-postcss2": "^0.1.3",
-    "@vueuse/core":"^9.5.0",
     "@vue/component-compiler": "^4.2.4",
+    "@vueuse/core": "^9.5.0",
     "ace-builds": "^1.4.8",
     "air-datepicker": "github:frappe/air-datepicker",
     "autoprefixer": "10",
@@ -66,7 +65,6 @@
     "rtlcss": "^3.2.1",
     "sass": "^1.53.0",
     "showdown": "^2.1.0",
-    "snyk": "^1.996.0",
     "socket.io": "^4.5.1",
     "socket.io-client": "^4.5.1",
     "sortablejs": "1.9.0",
@@ -78,7 +76,6 @@
     "vuex": "4.0.2",
     "yargs": "^17.5.1"
   },
-  "snyk": true,
   "nyc": {
     "report-dir": ".cypress-coverage"
   }

yarn.lock

@@ -3184,11 +3184,6 @@ side-channel@^1.0.2, side-channel@^1.0.4:
     get-intrinsic "^1.0.2"
     object-inspect "^1.9.0"
 
-snyk@^1.996.0:
-  version "1.996.0"
-  resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.996.0.tgz#0369ca9e6a3a148751294c1320f59a79d5eb3c88"
-  integrity sha512-nq//Ely0bSt50LzX9Er5lCQNqTpaKn7I7xkhUB3Z+8rs8Jqha360HeQwhbVzsuQS3xT/1+36zt6CcgyLPM1QbA==
-
 socket.io-adapter@~2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/socket.io-adapter/-/socket.io-adapter-2.4.0.tgz#b50a4a9ecdd00c34d4c8c808224daa1a786152a6"