From ef5755f11a0ea3d476b956c54348f5a2a1d5a086 Mon Sep 17 00:00:00 2001 From: snyk-test Date: Wed, 3 Jul 2019 23:33:17 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 25 ++++++++++++++++++++++++- package.json | 2 +- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/.snyk b/.snyk index 367220a..ddf3e84 100644 --- a/.snyk +++ b/.snyk @@ -1,5 +1,5 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.13.3 +version: v1.13.5 ignore: {} # patches apply the minimum changes required to fix a vulnerability patch: @@ -9,3 +9,26 @@ patch: 'npm:uglify-js:20150824': - jade > transformers > uglify-js: patched: '2019-05-05T11:38:27.698Z' + SNYK-JS-LODASH-450202: + - snyk > snyk-nodejs-lockfile-parser > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > snyk-nuget-plugin > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > @snyk/dep-graph > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > inquirer > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > snyk-config > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > snyk-mvn-plugin > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > snyk-go-plugin > graphlib > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash: + patched: '2019-07-03T23:33:15.651Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2019-07-03T23:33:15.651Z' diff --git a/package.json b/package.json index be1f284..9799ace 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ "morgan": "~1.9.0", "serve-favicon": "~2.4.5", "express": "~4.16.0", - "snyk": "^1.161.1" + "snyk": "^1.189.0" }, "devDependencies": { "chai": "*",