diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk new file mode 100644 index 0000000000000..c4ca074e6fc8d --- /dev/null +++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/.snyk @@ -0,0 +1,10 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:minimatch:20160620': + - browserify > glob > minimatch: + patched: '2024-10-22T17:24:10.515Z' + id: 'npm:minimatch:20160620' + path: browserify > glob > minimatch diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json index dc787ba76781d..334b30b8ba6e0 100644 --- a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json +++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/debug/package.json @@ -18,23 +18,24 @@ ], "license": "MIT", "dependencies": { - "ms": "2.0.0" + "ms": "2.0.0", + "@snyk/protect": "latest" }, "devDependencies": { - "browserify": "9.0.3", + "browserify": "13.2.0", "chai": "^3.5.0", "concurrently": "^3.1.0", - "coveralls": "^2.11.15", - "eslint": "^3.12.1", + "coveralls": "^3.0.10", + "eslint": "^9.0.0", "istanbul": "^0.4.5", - "karma": "^1.3.0", + "karma": "^6.4.3", "karma-chai": "^0.1.0", - "karma-mocha": "^1.3.0", + "karma-mocha": "^2.0.0", "karma-phantomjs-launcher": "^1.0.2", "karma-sinon": "^1.0.5", - "mocha": "^3.2.0", + "mocha": "^10.1.0", "mocha-lcov-reporter": "^1.2.0", - "rimraf": "^2.5.4", + "rimraf": "^4.3.1", "sinon": "^1.17.6", "sinon-chai": "^2.8.0" }, @@ -45,5 +46,10 @@ "debug/index.js": "browser.js", "debug/debug.js": "debug.js" } - } + }, + "scripts": { + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" + }, + "snyk": true }