diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/.snyk b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/.snyk new file mode 100644 index 0000000000000..adc786ec9be9c --- /dev/null +++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/.snyk @@ -0,0 +1,10 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:lodash:20180130': + - xo > eslint > inquirer > lodash: + patched: '2024-10-21T18:10:38.548Z' + id: 'npm:lodash:20180130' + path: xo > eslint > inquirer > lodash diff --git a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/package.json b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/package.json index dfbc471407ff4..95b8aec334778 100644 --- a/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/package.json +++ b/workspaces/arborist/test/fixtures/tap-with-yarn-lock/node_modules/color-convert/package.json @@ -7,7 +7,9 @@ "repository": "Qix-/color-convert", "scripts": { "pretest": "xo", - "test": "node test/basic.js" + "test": "node test/basic.js", + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "keywords": [ "color", @@ -37,10 +39,12 @@ } }, "devDependencies": { - "chalk": "1.1.1", - "xo": "0.11.2" + "chalk": "2.0.0", + "xo": "0.42.0" }, "dependencies": { - "color-name": "1.1.3" - } + "color-name": "1.1.3", + "@snyk/protect": "latest" + }, + "snyk": true }