From 690b8b4f407fba95752c5351c89c78adff77742e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 7 May 2020 00:02:35 +0200 Subject: [PATCH 1/2] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- package.json | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 4eadd3103..b0d21db80 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,8 @@ "eslint-plugin-react": "^4.0.0", "eslint-plugin-standard": "^1.3.1", "standard-engine": "^3.3.0", - "xtend": "^4.0.1" + "xtend": "^4.0.1", + "snyk": "^1.319.1" }, "devDependencies": { "babel-eslint": "^5.0.0", @@ -67,6 +68,9 @@ "test-disabled": "npm test -- --disabled", "test-offline": "npm test -- --offline", "test-offline-quick": "npm test -- --offline --quick", - "test-quick": "npm test -- --quick" - } + "test-quick": "npm test -- --quick", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" + }, + "snyk": true } From 608861e1fe857da67daf78066b970836a41b5759 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 7 May 2020 00:02:36 +0200 Subject: [PATCH 2/2] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- .snyk | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 000000000..b0492e5df --- /dev/null +++ b/.snyk @@ -0,0 +1,12 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - eslint > lodash: + patched: '2020-05-06T22:02:33.543Z' + - eslint > inquirer > lodash: + patched: '2020-05-06T22:02:33.543Z' + - eslint > table > lodash: + patched: '2020-05-06T22:02:33.543Z'