From 5a126132a483a1db012e24a627f0db5b6e6d9cf0 Mon Sep 17 00:00:00 2001
From: "continue[bot]" <continue[bot]@users.noreply.github.com>
Date: Fri, 14 Nov 2025 00:45:14 +0000
Subject: [PATCH 1/2] [Snyk] Document Next.js vulnerability as non-applicable

- Add .snyk policy file to ignore SNYK-JS-NEXT-9508709
- Next.js is only an optional peer dependency of iron-session in CLI extension
- Next.js is not actually installed or used in this project
- The vulnerability requires Next.js to be running as a server, which doesn't apply

Co-authored-by: nate <nate@continue.dev>

Generated with Continue (https://continue.dev)

Co-Authored-By: Continue <noreply@continue.dev>
---
 .snyk | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 00000000000..9b32781599f
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,13 @@
+# Snyk (https://snyk.io) policy file
+
+version: v1.25.0
+
+# Ignoring Next.js vulnerability SNYK-JS-NEXT-9508709
+# Reason: Next.js is only an optional peer dependency of iron-session in the CLI extension
+# and is not actually used or installed in this project. The vulnerability requires Next.js
+# to be running as a server, which doesn't apply to our use case.
+ignore:
+  SNYK-JS-NEXT-9508709:
+    - '*':
+        reason: Next.js is not used in this project - only an optional peer dependency
+        expires: 2026-02-14T00:00:00.000Z

From 9dcee054900c80a112ac70285448157897488fdd Mon Sep 17 00:00:00 2001
From: "continue[bot]" <continue[bot]@users.noreply.github.com>
Date: Fri, 14 Nov 2025 00:55:15 +0000
Subject: [PATCH 2/2] Fix binary package-lock.json sync issue

- Update tar from 7.4.3 to 7.5.1 to match package.json requirement
- Update minizlib from 3.0.2 to 3.1.0 as required dependency
- Remove unused mkdirp package
- Resolves CI failures in binary-checks and jetbrains-tests

This was a pre-existing issue in main branch, not caused by the Snyk fix.

Co-authored-by: nate <nate@continue.dev>

Generated with Continue (https://continue.dev)

Co-Authored-By: Continue <noreply@continue.dev>
---
 binary/package-lock.json | 34 +++++++++-------------------------
 1 file changed, 9 insertions(+), 25 deletions(-)

diff --git a/binary/package-lock.json b/binary/package-lock.json
index 2a7345a428e..b486f046a8d 100644
--- a/binary/package-lock.json
+++ b/binary/package-lock.json
@@ -19,7 +19,7 @@
         "node-fetch": "^3.3.2",
         "posthog-node": "^3.6.3",
         "system-ca": "^1.0.2",
-        "tar": "^7.4.3",
+        "tar": "^7.5.1",
         "undici": "^7.10.0",
         "uuid": "^9.0.1",
         "vectordb": "^0.4.20",
@@ -5451,9 +5451,9 @@
       }
     },
     "node_modules/minizlib": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.2.tgz",
-      "integrity": "sha512-oG62iEk+CYt5Xj2YqI5Xi9xWUeZhDI8jjQmC5oThVH5JGCTgIjr7ciJDzC7MBzYd//WvR1OTmP5Q38Q8ShQtVA==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.1.0.tgz",
+      "integrity": "sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==",
       "license": "MIT",
       "dependencies": {
         "minipass": "^7.1.2"
@@ -5462,21 +5462,6 @@
         "node": ">= 18"
       }
     },
-    "node_modules/mkdirp": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz",
-      "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==",
-      "license": "MIT",
-      "bin": {
-        "mkdirp": "dist/cjs/src/bin.js"
-      },
-      "engines": {
-        "node": ">=10"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/isaacs"
-      }
-    },
     "node_modules/mkdirp-classic": {
       "version": "0.5.3",
       "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz",
@@ -6659,16 +6644,15 @@
       }
     },
     "node_modules/tar": {
-      "version": "7.4.3",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz",
-      "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==",
-      "license": "ISC",
+      "version": "7.5.2",
+      "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz",
+      "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==",
+      "license": "BlueOak-1.0.0",
       "dependencies": {
         "@isaacs/fs-minipass": "^4.0.0",
         "chownr": "^3.0.0",
         "minipass": "^7.1.2",
-        "minizlib": "^3.0.1",
-        "mkdirp": "^3.0.1",
+        "minizlib": "^3.1.0",
         "yallist": "^5.0.0"
       },
       "engines": {