Skip to content

Commit

Permalink
fix: standalone-packages/monaco-editor/package.json, standalone-packa…
Browse files Browse the repository at this point in the history
…ges/monaco-editor/yarn.lock & standalone-packages/monaco-editor/.snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
  • Loading branch information
snyk-bot committed Jul 5, 2024
1 parent 865fbdb commit ff19e9f
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 2 deletions.
10 changes: 10 additions & 0 deletions standalone-packages/monaco-editor/.snyk
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.25.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- typedoc > lodash:
patched: '2024-07-05T15:46:17.993Z'
id: SNYK-JS-LODASH-567746
path: typedoc > lodash
9 changes: 7 additions & 2 deletions standalone-packages/monaco-editor/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,9 @@
"scripts": {
"simpleserver": "gulp simpleserver",
"release": "gulp release",
"website": "gulp website"
"website": "gulp website",
"prepare": "yarn run snyk-protect",
"snyk-protect": "snyk-protect"
},
"typings": "./esm/vs/editor/editor.api.d.ts",
"module": "./esm/vs/editor/editor.main.js",
Expand All @@ -33,5 +35,8 @@
"uncss": "^0.16.2",
"vinyl": "^0.5.3"
},
"dependencies": {}
"dependencies": {
"@snyk/protect": "latest"
},
"snyk": true
}
5 changes: 5 additions & 0 deletions standalone-packages/monaco-editor/yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,11 @@
# yarn lockfile v1


"@snyk/protect@^1.1292.1":
version "1.1292.1"
resolved "https://registry.yarnpkg.com/@snyk/protect/-/protect-1.1292.1.tgz#fe67905a5681828ac315b03e366427405e762157"
integrity sha512-wM/0JGs1PhN30nigmOSfEPge3pyEHBAEN3/5/EoyIPOsUsZl/pKBEb2TwZnYbnfTKQi7CpyOKkVIaw40CBbQVA==

"@types/events@*":
version "1.2.0"
resolved "https://registry.yarnpkg.com/@types/events/-/events-1.2.0.tgz#81a6731ce4df43619e5c8c945383b3e62a89ea86"
Expand Down

0 comments on commit ff19e9f

Please sign in to comment.