Skip to content

Commit

Permalink
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
  • Loading branch information
@snyk-bot @Spiderpig86
snyk-bot authored and Spiderpig86 committed Sep 12, 2021
1 parent 8ec79f7 commit 587836c
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 3 deletions.
12 changes: 12 additions & 0 deletions .snyk
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.21.5
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- node-sass > lodash:
patched: '2021-09-10T09:11:19.781Z'
- node-sass > sass-graph > lodash:
patched: '2021-09-10T09:11:19.781Z'
- node-sass > gaze > globule > lodash:
patched: '2021-09-10T09:11:19.781Z'
5 changes: 5 additions & 0 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 7 additions & 3 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,9 @@
},
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"build": "gulp minify"
"build": "gulp minify",
"prepare": "npm run snyk-protect",
"snyk-protect": "snyk-protect"
},
"publishConfig": {
"registry": "https://registry.npmjs.org"
Expand Down Expand Up @@ -63,6 +65,8 @@
"Opera >= 30"
],
"dependencies": {
"node-sass": "^6.0.1"
}
"node-sass": "^6.0.1",
"@snyk/protect": "latest"
},
"snyk": true
}

0 comments on commit 587836c

Please sign in to comment.