diff --git a/deps/v8/tools/clusterfuzz/js_fuzzer/.snyk b/deps/v8/tools/clusterfuzz/js_fuzzer/.snyk new file mode 100644 index 00000000000000..0a497fb4c72ea7 --- /dev/null +++ b/deps/v8/tools/clusterfuzz/js_fuzzer/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - '@babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash': + patched: '2022-10-24T02:58:02.502Z' diff --git a/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json b/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json index 85eb89d09d93c1..ba626c57f520f3 100644 --- a/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json +++ b/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json @@ -137,6 +137,11 @@ "integrity": "sha512-yprFYuno9FtNsSHVlSWd+nRlmGoAbqbeCwOryP6sC/zoCjhpArcRMYp19EvpSUSizJAlsXEwJv+wcWS9XaXdMw==", "dev": true }, + "@snyk/protect": { + "version": "1.1040.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1040.0.tgz", + "integrity": "sha512-yOR+7AsLoDEtOFV9A5/2G9SlSQ8q6uUtOPL9hgZ8nVWa9G+DwEwP7KgyQul8WxgJ7SwAH3/1q4UwYPW9kiTL9A==" + }, "@types/color-name": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", diff --git a/deps/v8/tools/clusterfuzz/js_fuzzer/package.json b/deps/v8/tools/clusterfuzz/js_fuzzer/package.json index 5a7796e6777485..63d955fb25b6ff 100644 --- a/deps/v8/tools/clusterfuzz/js_fuzzer/package.json +++ b/deps/v8/tools/clusterfuzz/js_fuzzer/package.json @@ -4,7 +4,9 @@ "description": "", "main": "run.js", "scripts": { - "test": "APP_NAME=d8 mocha" + "test": "APP_NAME=d8 mocha", + "prepare": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "bin": "run.js", "author": "ochang@google.com", @@ -18,7 +20,8 @@ "commander": "^2.11.0", "globals": "^10.1.0", "tempfile": "^3.0.0", - "tempy": "^0.5.0" + "tempy": "^0.5.0", + "@snyk/protect": "latest" }, "devDependencies": { "eslint": "^6.8.0", @@ -29,5 +32,6 @@ }, "pkg": { "assets": "resources/**/*" - } + }, + "snyk": true }