From 0deec12a1744afbf620aad9aac5a2a9647c4f22d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 10 Feb 2018 05:03:16 +0000 Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:hawk:20160119 - https://snyk.io/vuln/npm:request:20160119 Latest report for enterstudio/google-cloud-node: https://snyk.io/test/github/enterstudio/google-cloud-node --- .snyk | 11 +++++++++++ package.json | 8 +++++++- 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 00000000000..f2e2323031d --- /dev/null +++ b/.snyk @@ -0,0 +1,11 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.10.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:hawk:20160119': + - '@google-cloud/common > log-driver > codecov.io > request > hawk': + patched: '2018-02-10T05:03:15.448Z' + 'npm:request:20160119': + - '@google-cloud/common > log-driver > codecov.io > request': + patched: '2018-02-10T05:03:15.448Z' diff --git a/package.json b/package.json index 337fa4f8194..e68db36328f 100644 --- a/package.json +++ b/package.json @@ -44,10 +44,16 @@ "snippet-test": "mocha --timeout 5000 --bail test/docs.js", "system-test": "mocha packages/*/system-test/*.js --no-timeouts --bail", "cover": "istanbul cover _mocha --report lcovonly -x 'packages/*/src/v*/*.js' -- --no-timeouts --bail packages/*/test/*.js -R spec", - "coveralls": "npm run cover && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js && rm -rf ./coverage" + "coveralls": "npm run cover && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js && rm -rf ./coverage", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "license": "Apache-2.0", "engines": { "node": ">=0.12.0" + }, + "snyk": true, + "dependencies": { + "snyk": "^1.69.7" } }