Skip to content

Commit

Permalink
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
  • Loading branch information
@snyk-bot @travi
snyk-bot authored and travi committed Nov 28, 2020
1 parent 09bd8ab commit c91fe41
Show file tree
Hide file tree
Showing 3 changed files with 133 additions and 31 deletions.
38 changes: 37 additions & 1 deletion .snyk
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
version: v1.19.0
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
Expand All @@ -8,3 +8,39 @@ patch:
patched: '2020-05-01T05:54:49.685Z'
- '@travi/travi.org-core-components > @emotion/core > @emotion/css > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash':
patched: '2020-05-01T05:54:49.685Z'
- snyk > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-go-plugin > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-cpp-plugin > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-docker-plugin > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-go-plugin > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-gradle-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-docker-plugin > snyk-nodejs-lockfile-parser > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-php-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-python-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-gradle-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-mvn-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-python-plugin > snyk-poetry-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
- snyk > snyk-python-plugin > snyk-poetry-lockfile-parser > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
patched: '2020-11-27T22:42:01.337Z'
124 changes: 95 additions & 29 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@
"@travi/travi.org-core-components": "1.1.0",
"polished": "^4.0.0",
"prop-types": "15.7.2",
"snyk": "^1.425.4",
"snyk": "^1.431.2",
"travi": "1.0.0"
},
"snyk": true
Expand Down

0 comments on commit c91fe41

Please sign in to comment.