From 2b4199ebd8f9930301edc406675fba281de8b1fc Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 28 Sep 2022 15:57:20 +0000
Subject: [PATCH] fix: deps/v8/tools/clusterfuzz/js_fuzzer/package.json,
 deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json &
 deps/v8/tools/clusterfuzz/js_fuzzer/.snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 deps/v8/tools/clusterfuzz/js_fuzzer/.snyk          | 14 ++++++++++++++
 .../tools/clusterfuzz/js_fuzzer/package-lock.json  |  5 +++++
 deps/v8/tools/clusterfuzz/js_fuzzer/package.json   | 10 +++++++---
 3 files changed, 26 insertions(+), 3 deletions(-)
 create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/.snyk

diff --git a/deps/v8/tools/clusterfuzz/js_fuzzer/.snyk b/deps/v8/tools/clusterfuzz/js_fuzzer/.snyk
new file mode 100644
index 00000000000000..88c723fbf6ab9a
--- /dev/null
+++ b/deps/v8/tools/clusterfuzz/js_fuzzer/.snyk
@@ -0,0 +1,14 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - '@babel/traverse > lodash':
+        patched: '2022-09-28T15:57:15.330Z'
+    - '@babel/traverse > @babel/generator > lodash':
+        patched: '2022-09-28T15:57:15.330Z'
+    - '@babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash':
+        patched: '2022-09-28T15:57:15.330Z'
+    - '@babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash':
+        patched: '2022-09-28T15:57:15.330Z'
diff --git a/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json b/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json
index 85eb89d09d93c1..e2e62b4e8fc050 100644
--- a/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json
+++ b/deps/v8/tools/clusterfuzz/js_fuzzer/package-lock.json
@@ -137,6 +137,11 @@
       "integrity": "sha512-yprFYuno9FtNsSHVlSWd+nRlmGoAbqbeCwOryP6sC/zoCjhpArcRMYp19EvpSUSizJAlsXEwJv+wcWS9XaXdMw==",
       "dev": true
     },
+    "@snyk/protect": {
+      "version": "1.1014.0",
+      "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1014.0.tgz",
+      "integrity": "sha512-dTuWkCXZVr0Vi5G+uiHbRwLcqApDFQQ/QnJ49vM9Jwt69EFzYebi/YdID5O42PFUeMnU7gNlhm5MoZH34XciMg=="
+    },
     "@types/color-name": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz",
diff --git a/deps/v8/tools/clusterfuzz/js_fuzzer/package.json b/deps/v8/tools/clusterfuzz/js_fuzzer/package.json
index 5a7796e6777485..63d955fb25b6ff 100644
--- a/deps/v8/tools/clusterfuzz/js_fuzzer/package.json
+++ b/deps/v8/tools/clusterfuzz/js_fuzzer/package.json
@@ -4,7 +4,9 @@
   "description": "",
   "main": "run.js",
   "scripts": {
-    "test": "APP_NAME=d8 mocha"
+    "test": "APP_NAME=d8 mocha",
+    "prepare": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "bin": "run.js",
   "author": "ochang@google.com",
@@ -18,7 +20,8 @@
     "commander": "^2.11.0",
     "globals": "^10.1.0",
     "tempfile": "^3.0.0",
-    "tempy": "^0.5.0"
+    "tempy": "^0.5.0",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "eslint": "^6.8.0",
@@ -29,5 +32,6 @@
   },
   "pkg": {
     "assets": "resources/**/*"
-  }
+  },
+  "snyk": true
 }