From e7b113caa25d49ac6116065dc442f06807065700 Mon Sep 17 00:00:00 2001
From: Frederik Bolding <frederik.bolding@gmail.com>
Date: Mon, 14 Aug 2023 21:00:34 +0200
Subject: [PATCH] Bump SES to fix audit failure (#20434)

* Bump SES to fix audit failure

* Freeze Symbol
---
 app/scripts/lockdown-more.js |  2 +-
 package.json                 |  2 +-
 yarn.lock                    | 20 ++++++++++++++++++--
 3 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/app/scripts/lockdown-more.js b/app/scripts/lockdown-more.js
index e6637602a..317052312 100644
--- a/app/scripts/lockdown-more.js
+++ b/app/scripts/lockdown-more.js
@@ -28,7 +28,7 @@ try {
     const namedIntrinsics = Reflect.ownKeys(new Compartment().globalThis);
 
     // These named intrinsics are not automatically hardened by `lockdown`
-    const shouldHardenManually = new Set(['eval', 'Function']);
+    const shouldHardenManually = new Set(['eval', 'Function', 'Symbol']);
 
     const globalProperties = new Set([
       // universalPropertyNames is a constant added by lockdown to global scope
diff --git a/package.json b/package.json
index b1790a1e9..7e47069af 100644
--- a/package.json
+++ b/package.json
@@ -351,7 +351,7 @@
     "redux-thunk": "^2.3.0",
     "remove-trailing-slash": "^0.1.1",
     "reselect": "^3.0.1",
-    "ses": "^0.18.4",
+    "ses": "^0.18.7",
     "single-call-balance-checker-abi": "^1.0.0",
     "unicode-confusables": "^0.1.1",
     "uuid": "^8.3.2",
diff --git a/yarn.lock b/yarn.lock
index 476f1f709..3a3e78fa4 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1884,6 +1884,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@endo/env-options@npm:^0.1.3":
+  version: 0.1.3
+  resolution: "@endo/env-options@npm:0.1.3"
+  checksum: da8c66865d4d30b0053a00960657dc36f022975a888f0dd6a2f6bb37b9fe731f45a02a2cf263d93b1a40fcb37b25f8ba7076cb8af9e93fd95f496365d9382930
+  languageName: node
+  linkType: hard
+
 "@ensdomains/address-encoder@npm:^0.1.7":
   version: 0.1.9
   resolution: "@ensdomains/address-encoder@npm:0.1.9"
@@ -24758,7 +24765,7 @@ __metadata:
     selenium-webdriver: ^4.9.0
     semver: ^7.3.5
     serve-handler: ^6.1.2
-    ses: ^0.18.4
+    ses: ^0.18.7
     single-call-balance-checker-abi: ^1.0.0
     sinon: ^9.0.0
     source-map: ^0.7.2
@@ -31342,13 +31349,22 @@ __metadata:
   languageName: node
   linkType: hard
 
-"ses@npm:^0.18.1, ses@npm:^0.18.4":
+"ses@npm:^0.18.1":
   version: 0.18.4
   resolution: "ses@npm:0.18.4"
   checksum: 9afd6edcf390a693926ef728ebb5a435994bbb0f915009ad524c6588cf62e2f66f6d4b4b2694f093b2af2e92c003947ad55404750d756ba75ce70c8636a7ba02
   languageName: node
   linkType: hard
 
+"ses@npm:^0.18.7":
+  version: 0.18.7
+  resolution: "ses@npm:0.18.7"
+  dependencies:
+    "@endo/env-options": ^0.1.3
+  checksum: 75ac014771d9bc1f747193c6d0f9e7d2d7700a10311ba8d805d9bc78d4c20d4ef40537f0535b1ea6abf06babf67e70f8bd37b2ad68ad54992a0c5ce842181c87
+  languageName: node
+  linkType: hard
+
 "set-blocking@npm:^2.0.0, set-blocking@npm:~2.0.0":
   version: 2.0.0
   resolution: "set-blocking@npm:2.0.0"