NoLog.cz/gancio-upstream
6
0
Fork 0
mirror of https://framagit.org/les/gancio.git synced 2025-01-31 08:32:23 +01:00
Code Issues Projects Releases Packages Wiki Activity

fix: package.json, yarn.lock & .snyk to reduce vulnerabilities

Browse source 
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
This commit is contained in:
snyk-bot 2022-06-06 14:58:14 +00:00 committed by lesion
parent a154fdf9e6
commit e359d51a99
No known key found for this signature in database
GPG key ID: 352918250B012177
3 changed files with 20 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.snyk Normal file
View file

@ -0,0 +1,8 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.25.0
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- express-oauth-server > oauth2-server > lodash:
patched: '2022-06-06T14:57:24.390Z'

10
package.json
View file

@ -13,7 +13,9 @@
"doc:dev": "cd docs && bundle exec jekyll s --drafts", "doc:dev": "cd docs && bundle exec jekyll s --drafts",
"migrate": "NODE_ENV=production sequelize db:migrate", "migrate": "NODE_ENV=production sequelize db:migrate",
"migrate:dev": "sequelize db:migrate", "migrate:dev": "sequelize db:migrate",
"build:wc": "cd webcomponents; yarn build:lib; cp dist/gancio-events.es.js ../wp-plugin/js/; cp dist/gancio-events.es.js ../assets/; cp dist/gancio-events.es.js ../docs/assets/js/" "build:wc": "cd webcomponents; yarn build:lib; cp dist/gancio-events.es.js ../wp-plugin/js/; cp dist/gancio-events.es.js ../assets/; cp dist/gancio-events.es.js ../docs/assets/js/",
"prepare": "yarn run snyk-protect",
"snyk-protect": "snyk-protect"
}, },
"files": [ "files": [
"server/", "server/",
@ -72,7 +74,8 @@
"vuetify": "npm:@vuetify/nightly@dev", "vuetify": "npm:@vuetify/nightly@dev",
"winston": "^3.7.2", "winston": "^3.7.2",
"winston-daily-rotate-file": "^4.7.1", "winston-daily-rotate-file": "^4.7.1",
"yargs": "^17.5.0" "yargs": "^17.5.0",
"@snyk/protect": "latest"
}, },
"devDependencies": { "devDependencies": {
"@nuxtjs/vuetify": "^1.12.3", "@nuxtjs/vuetify": "^1.12.3",
@ -109,5 +112,6 @@
"repository": { "repository": {
"type": "git", "type": "git",
"url": "https://framagit.org/les/gancio" "url": "https://framagit.org/les/gancio"
} },
"snyk": true
} }

5
yarn.lock
View file

@ -1897,6 +1897,11 @@
dependencies: dependencies:
"@sinonjs/commons" "^1.7.0" "@sinonjs/commons" "^1.7.0"
"@snyk/protect@^1.946.0":
version "1.946.0"
resolved "https://registry.yarnpkg.com/@snyk/protect/-/protect-1.946.0.tgz#4960ad4079145615d16fcbf2644ef016f08a7fdc"
integrity sha512-LdqVSuI3gFX87dLfZsUvlb5lp7XuURa22uY2oDuOyNxk4Z0gsSOoYxYrFXUW2RreH+mch1T6rU5HztQkoL38YQ==
"@tootallnate/once@1": "@tootallnate/once@1":
version "1.1.2" version "1.1.2"
resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82" resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82"