From 024e2eb15c0869d1b15d2bb815d2b40aa53edfd8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 15 Jun 2024 07:09:08 +0000
Subject: [PATCH] fix: standalone-packages/codesandbox-browserfs/package.json,
 standalone-packages/codesandbox-browserfs/yarn.lock &
 standalone-packages/codesandbox-browserfs/.snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 standalone-packages/codesandbox-browserfs/.snyk        | 10 ++++++++++
 standalone-packages/codesandbox-browserfs/package.json | 10 +++++++---
 standalone-packages/codesandbox-browserfs/yarn.lock    |  5 +++++
 3 files changed, 22 insertions(+), 3 deletions(-)
 create mode 100644 standalone-packages/codesandbox-browserfs/.snyk

diff --git a/standalone-packages/codesandbox-browserfs/.snyk b/standalone-packages/codesandbox-browserfs/.snyk
new file mode 100644
index 00000000000..6b3256f8797
--- /dev/null
+++ b/standalone-packages/codesandbox-browserfs/.snyk
@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - karma-ie-launcher > lodash:
+        patched: '2024-06-15T07:08:11.969Z'
+        id: SNYK-JS-LODASH-567746
+        path: karma-ie-launcher > lodash
diff --git a/standalone-packages/codesandbox-browserfs/package.json b/standalone-packages/codesandbox-browserfs/package.json
index bbd37aced4f..24888caad29 100644
--- a/standalone-packages/codesandbox-browserfs/package.json
+++ b/standalone-packages/codesandbox-browserfs/package.json
@@ -111,12 +111,16 @@
     "test": "npm-run-all test:prepare test:karma",
     "watch-test": "npm-run-all test:prepare --parallel watch:scripts test:watch test:karma",
     "docs": "typedoc --mode modules --out doc --excludePrivate --readme src/DOCS.md --name BrowserFS --module umd --ignoreCompilerErrors src",
-    "install-dependencies": "yarn"
+    "install-dependencies": "yarn",
+    "prepare": "yarn run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "dependencies": {
     "async": "~2.6.1",
     "events": "^3.0.0",
     "gitignore-parser": "^0.0.2",
-    "pako": "~1.0.6"
-  }
+    "pako": "~1.0.6",
+    "@snyk/protect": "latest"
+  },
+  "snyk": true
 }
diff --git a/standalone-packages/codesandbox-browserfs/yarn.lock b/standalone-packages/codesandbox-browserfs/yarn.lock
index e49f9e9c073..82ebdfeb6a4 100644
--- a/standalone-packages/codesandbox-browserfs/yarn.lock
+++ b/standalone-packages/codesandbox-browserfs/yarn.lock
@@ -2,6 +2,11 @@
 # yarn lockfile v1
 
 
+"@snyk/protect@^1.1291.1":
+  version "1.1291.1"
+  resolved "https://registry.yarnpkg.com/@snyk/protect/-/protect-1.1291.1.tgz#45ed75d6d3f0ed14a08566271aed9e5a0a228646"
+  integrity sha512-Xb9Q4KkZTGOm5BGDBQDnPOU8YmIDUmj9Ub6O1qsCfkGm8Jk+VU6pTl5nhDYS/zmA8n5xJYEYRKUVI9mUZG8Hbg==
+
 "@types/archiver@~2.1.2":
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/@types/archiver/-/archiver-2.1.2.tgz#e84960d4872570d7c826589cd57f2c076bf198c5"