From 1319553ee0f8c7f5d46bb0b4fb63e3b6321f3e36 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Apr 2020 18:06:39 -0400 Subject: [PATCH 1/2] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- .snyk | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.snyk b/.snyk index 2823b4c..f6e6b5a 100644 --- a/.snyk +++ b/.snyk @@ -1,5 +1,5 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.10.1 +version: v1.14.1 ignore: {} # patches apply the minimum changes required to fix a vulnerability patch: @@ -15,3 +15,6 @@ patch: 'npm:ms:20170412': - eclint > gulp-reporter > bufferstreams > debug > ms: patched: '2018-02-08T01:42:12.088Z' + SNYK-JS-LODASH-567746: + - eclint > lodash: + patched: '2020-04-30T22:06:37.454Z' From 7b57959fe3425c32ce716d3c5fa67bd9274ff68f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Apr 2020 18:06:40 -0400 Subject: [PATCH 2/2] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 097dbc6..fc315cc 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "isbinaryfile": "^3.0.2", "sha.js": "^2.4.8", "vinyl": "^2.0.2", - "snyk": "^1.69.6" + "snyk": "^1.316.1" }, "devDependencies": { "codeclimate-test-reporter": "^0.4.1", @@ -25,7 +25,7 @@ "test.debug": "nyc --reporter=lcov-only --reporter=text-summary --reporter=html mocha -gc debug test", "codeclimate-coverage": "codeclimate-test-reporter < coverage/lcov.info", "snyk-protect": "snyk protect", - "prepublish": "npm run snyk-protect" + "prepublish": "yarn run snyk-protect" }, "repository": { "type": "git",