diff --git a/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/.snyk b/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/.snyk
new file mode 100644
index 00000000000000..73e42b44d79d9b
--- /dev/null
+++ b/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/.snyk
@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:minimatch:20160620':
+    - gulp > vinyl-fs > glob-stream > minimatch:
+        patched: '2023-04-27T19:25:25.156Z'
+    - gulp > vinyl-fs > glob-watcher > gaze > globule > minimatch:
+        patched: '2023-04-27T19:25:25.156Z'
+    - gulp > vinyl-fs > glob-watcher > gaze > globule > glob > minimatch:
+        patched: '2023-04-27T19:25:25.156Z'
diff --git a/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/package.json b/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/package.json
index bc99e7c4a64674..ad71f4637ef7d4 100644
--- a/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/package.json
+++ b/tools/node_modules/@babel/eslint-parser/node_modules/esrecurse/node_modules/estraverse/package.json
@@ -23,18 +23,24 @@
     "babel-register": "^6.3.13",
     "chai": "^2.1.1",
     "espree": "^1.11.0",
-    "gulp": "^3.8.10",
-    "gulp-bump": "^0.2.2",
+    "gulp": "^4.0.0",
+    "gulp-bump": "^2.0.0",
     "gulp-filter": "^2.0.0",
     "gulp-git": "^1.0.1",
     "gulp-tag-version": "^1.3.0",
     "jshint": "^2.5.6",
-    "mocha": "^2.1.0"
+    "mocha": "^10.1.0"
   },
   "license": "BSD-2-Clause",
   "scripts": {
     "test": "npm run-script lint && npm run-script unit-test",
     "lint": "jshint estraverse.js",
-    "unit-test": "mocha --compilers js:babel-register"
+    "unit-test": "mocha --compilers js:babel-register",
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
+  },
+  "snyk": true,
+  "dependencies": {
+    "@snyk/protect": "latest"
   }
 }