[Snyk] Fix for 1 vulnerable dependencies (#188)

* fix: init-container/.snyk & init-container/package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-AXIOS-174505 * apply patch when building docker image
Soluto · May 12, 2019 · e3b083f · e3b083f
1 parent f3798c8
commit e3b083f
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 5 deletions.
diff --git a/init-container/.snyk b/init-container/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.3
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-AXIOS-174505:
+    - axios:
+        patched: '2019-05-05T23:46:51.246Z'
diff --git a/init-container/Dockerfile b/init-container/Dockerfile
@@ -9,11 +9,13 @@ WORKDIR /home/node/app
 # where available (npm@5+)
 COPY package*.json yarn.lock ./
 
-RUN yarn --prod
+RUN yarn --prod 
 
 # Bundle app source
 COPY . .
 
+RUN yarn run snyk-protect
+
 USER node
 
 ENTRYPOINT [ "node", "index.js" ]
diff --git a/init-container/package.json b/init-container/package.json
@@ -1,16 +1,20 @@
 {
   "name": "init-decryptor",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Meant to be used inside init container to read encrypted values from a given folder and decrypt to them into a json in a given folder",
   "main": "index.js",
   "scripts": {
-    "test": "cd tests && ./run_test.sh"
+    "test": "cd tests && ./run_test.sh",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "author": "Soluto",
   "license": "MIT",
   "dependencies": {
     "axios": "^0.18.0",
     "commander": "^2.19.0",
-    "node-readfiles": "^0.2.0"
-  }
+    "node-readfiles": "^0.2.0",
+    "snyk": "^1.161.1"
+  },
+  "snyk": true
 }