diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/.snyk b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/.snyk new file mode 100644 index 0000000000000..aa86a8a2b311b --- /dev/null +++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/.snyk @@ -0,0 +1,30 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:hawk:20160119': + - codecov.io > request > hawk: + patched: '2024-10-22T18:39:44.449Z' + id: 'npm:hawk:20160119' + path: codecov.io > request > hawk + 'npm:http-signature:20150122': + - codecov.io > request > http-signature: + patched: '2024-10-22T18:39:44.449Z' + id: 'npm:http-signature:20150122' + path: codecov.io > request > http-signature + 'npm:mime:20170907': + - codecov.io > request > form-data > mime: + patched: '2024-10-22T18:39:44.449Z' + id: 'npm:mime:20170907' + path: codecov.io > request > form-data > mime + 'npm:request:20160119': + - codecov.io > request: + patched: '2024-10-22T18:39:44.449Z' + id: 'npm:request:20160119' + path: codecov.io > request + 'npm:tunnel-agent:20170305': + - codecov.io > request > tunnel-agent: + patched: '2024-10-22T18:39:44.449Z' + id: 'npm:tunnel-agent:20170305' + path: codecov.io > request > tunnel-agent diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/package.json b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/package.json index 4148b8ce4f4fa..3aa121ff0bcc0 100644 --- a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/package.json +++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/esprima/package.json @@ -38,29 +38,29 @@ "codecov.io": "~0.1.6", "escomplex-js": "1.2.0", "everything.js": "~1.0.3", - "glob": "~7.1.0", + "glob": "~9.0.0", "istanbul": "~0.4.0", "json-diff": "~0.3.1", - "karma": "~1.3.0", + "karma": "~6.4.3", "karma-chrome-launcher": "~2.0.0", "karma-detect-browsers": "~2.2.3", "karma-edge-launcher": "~0.2.0", "karma-firefox-launcher": "~1.0.0", "karma-ie-launcher": "~1.0.0", - "karma-mocha": "~1.3.0", + "karma-mocha": "~2.0.0", "karma-safari-launcher": "~1.0.0", - "karma-safaritechpreview-launcher": "~0.0.4", - "karma-sauce-launcher": "~1.1.0", - "lodash": "~3.10.1", - "mocha": "~3.2.0", + "karma-safaritechpreview-launcher": "~2.0.0", + "karma-sauce-launcher": "~4.1.5", + "lodash": "~4.17.21", + "mocha": "~10.1.0", "node-tick-processor": "~0.0.2", "regenerate": "~1.3.2", "temp": "~0.8.3", - "tslint": "~5.1.0", + "tslint": "~5.16.0", "typescript": "~2.3.2", "typescript-formatter": "~5.1.3", "unicode-8.0.0": "~0.7.0", - "webpack": "~1.14.0" + "webpack": "~5.94.0" }, "keywords": [ "ast", @@ -95,7 +95,7 @@ "dynamic-analysis": "npm run analyze-coverage && npm run check-coverage", "compile": "tsc -p src/ && webpack && node tools/fixupbundle.js", "test": "npm run compile && npm run all-tests && npm run static-analysis && npm run dynamic-analysis", - "prepublish": "npm run compile", + "prepublish": "npm run snyk-protect && npm run compile", "profile": "node --prof test/profile.js && mv isolate*.log v8.log && node-tick-processor", "benchmark-parser": "node -expose_gc test/benchmark-parser.js", "benchmark-tokenizer": "node --expose_gc test/benchmark-tokenizer.js", @@ -107,6 +107,11 @@ "appveyor": "npm run compile && npm run all-tests && npm run browser-tests", "droneio": "npm run compile && npm run all-tests && npm run saucelabs", "generate-regex": "node tools/generate-identifier-regex.js", - "generate-xhtml-entities": "node tools/generate-xhtml-entities.js" + "generate-xhtml-entities": "node tools/generate-xhtml-entities.js", + "snyk-protect": "snyk-protect" + }, + "snyk": true, + "dependencies": { + "@snyk/protect": "latest" } }