From 2b8419ab9cc816ce93e25e8ff9d255e69f1756f3 Mon Sep 17 00:00:00 2001 From: snyk-test Date: Thu, 4 Jul 2019 04:06:33 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 10 ++++++++++ package.json | 10 +++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 00000000..d2ce49fa --- /dev/null +++ b/.snyk @@ -0,0 +1,10 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.13.5 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-450202: + - lodash: + patched: '2019-07-04T04:06:18.909Z' + - react-router-relay > lodash: + patched: '2019-07-04T04:06:18.909Z' diff --git a/package.json b/package.json index 7e76b61f..d68be27b 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,9 @@ "lint:staged": "lint-staged", "test": "NODE_ENV=test jest", "test:watch": "NODE_ENV=test jest --watch", - "test:coverage": "npm test -- --coverage --collectCoverageFrom 'app/**/*.js' --collectCoverageFrom 'graphql/**/*.js'" + "test:coverage": "npm test -- --coverage --collectCoverageFrom 'app/**/*.js' --collectCoverageFrom 'graphql/**/*.js'", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "lint-staged": { "lint:eslint": "*.js", @@ -46,7 +48,8 @@ "react-router-relay": "^0.13.5", "recompose": "^0.20.2", "sanitize.css": "^4.1.0", - "whatwg-fetch": "^1.0.0" + "whatwg-fetch": "^1.0.0", + "snyk": "^1.189.0" }, "devDependencies": { "aws-sdk": "^2.4.8", @@ -103,5 +106,6 @@ "^.+\\.(jpg|png|gif|eot|svg|ttf|woff|woff2|mp4|webm)$": "/foundation/jest/fileMock.js", "^.+\\.css$": "/foundation/jest/cssMock.js" } - } + }, + "snyk": true }