From 3a3a6a010282c6b0816b86810627b59f505bee92 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Apr 2020 16:52:00 -0500 Subject: [PATCH 1/2] fix: linters/package.json & linters/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- linters/package.json | 66 ++++++++++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 30 deletions(-) diff --git a/linters/package.json b/linters/package.json index 4e9de8d16b..19adfd3afb 100644 --- a/linters/package.json +++ b/linters/package.json @@ -1,32 +1,38 @@ { - "name": "nerdery-eslint", - "description": "Nerdery ESLint Ruleset", - "version": "2.1.0", - "repository": { - "type": "git", - "url": "https://github.com/thenerdery/javascript-standards.git" - }, - "keywords": [ - "style guide", - "lint", - "nerdery", - "es6", - "es7", - "es2015", - "es2016" - ], - "author": "Nerdery", - "license": "MIT", - "bugs": { - "url": "https://github.com/thenerdery/javascript-standards/issues" - }, - "homepage": "https://github.com/thenerdery/javascript-standards", - "dependencies": { - "eslint": "3.19.0", - "babel-eslint": "7.2.2", - "grunt": "1.0.1", - "grunt-eslint": "19.0.0", - "jit-grunt": "0.10.0", - "load-grunt-tasks": "3.5.2" - } + "name": "nerdery-eslint", + "description": "Nerdery ESLint Ruleset", + "version": "2.1.0", + "repository": { + "type": "git", + "url": "https://github.com/thenerdery/javascript-standards.git" + }, + "keywords": [ + "style guide", + "lint", + "nerdery", + "es6", + "es7", + "es2015", + "es2016" + ], + "author": "Nerdery", + "license": "MIT", + "bugs": { + "url": "https://github.com/thenerdery/javascript-standards/issues" + }, + "homepage": "https://github.com/thenerdery/javascript-standards", + "dependencies": { + "eslint": "3.19.0", + "babel-eslint": "7.2.2", + "grunt": "1.0.1", + "grunt-eslint": "19.0.0", + "jit-grunt": "0.10.0", + "load-grunt-tasks": "3.5.2", + "snyk": "^1.316.1" + }, + "scripts": { + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" + }, + "snyk": true } From eca20d461b341cc1bdb8596c8603ebad2b6e807a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Apr 2020 16:52:01 -0500 Subject: [PATCH 2/2] fix: linters/package.json & linters/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- linters/.snyk | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 linters/.snyk diff --git a/linters/.snyk b/linters/.snyk new file mode 100644 index 0000000000..9b986cacff --- /dev/null +++ b/linters/.snyk @@ -0,0 +1,26 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - eslint > lodash: + patched: '2020-04-30T21:51:58.547Z' + - babel-eslint > babel-types > lodash: + patched: '2020-04-30T21:51:58.547Z' + - babel-eslint > babel-traverse > lodash: + patched: '2020-04-30T21:51:58.547Z' + - eslint > inquirer > lodash: + patched: '2020-04-30T21:51:58.547Z' + - eslint > table > lodash: + patched: '2020-04-30T21:51:58.547Z' + - grunt-eslint > eslint > lodash: + patched: '2020-04-30T21:51:58.547Z' + - grunt > grunt-legacy-log > lodash: + patched: '2020-04-30T21:51:58.547Z' + - babel-eslint > babel-traverse > babel-types > lodash: + patched: '2020-04-30T21:51:58.547Z' + - grunt-eslint > eslint > inquirer > lodash: + patched: '2020-04-30T21:51:58.547Z' + - grunt-eslint > eslint > table > lodash: + patched: '2020-04-30T21:51:58.547Z'