Skip to content

Commit

Permalink
fix: package.json & .snyk to reduce vulnerabilities
Browse files Browse the repository at this point in the history
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
- https://snyk.io/vuln/npm:debug:20170905


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
  • Loading branch information
snyk-bot committed Oct 21, 2024
1 parent 42a40dd commit 70191ff
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 4 deletions.
12 changes: 12 additions & 0 deletions .snyk
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.25.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- jest > @jest/core > @jest/transform > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash:
patched: '2024-10-21T04:07:39.494Z'
id: SNYK-JS-LODASH-567746
path: >-
jest > @jest/core > @jest/transform > @babel/core > @babel/helpers >
@babel/traverse > @babel/generator > lodash
12 changes: 8 additions & 4 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,8 @@
"uuid": "^8.3.0",
"walk-sync": "^1.1.4",
"webpack": "^5.0.0",
"webpack-cli": "^3.3.12"
"webpack-cli": "^3.3.12",
"@snyk/protect": "latest"
},
"devDependencies": {
"ajv": "^6.11.0",
Expand All @@ -96,7 +97,7 @@
"husky": "^4.2.1",
"image-size": "^0.7.4",
"japanese-characters": "^1.1.0",
"jest": "^26.0.1",
"jest": "^28.0.0",
"jest-expect-message": "^1.0.2",
"jest-github-actions-reporter": "^1.0.2",
"jest-puppeteer": "^4.4.0",
Expand Down Expand Up @@ -139,7 +140,9 @@
"check-deps": "node script/check-deps.js",
"prevent-pushes-to-main": "node script/prevent-pushes-to-main.js",
"pa11y-ci": "pa11y-ci",
"pa11y-test": "start-server-and-test browser-test-server 4001 pa11y-ci"
"pa11y-test": "start-server-and-test browser-test-server 4001 pa11y-ci",
"prepublish": "npm run snyk-protect",
"snyk-protect": "snyk-protect"
},
"engines": {
"node": "12 - 14"
Expand All @@ -157,5 +160,6 @@
"pre-commit": "node script/prevent-translation-commits.js",
"pre-push": "npm run prevent-pushes-to-main"
}
}
},
"snyk": true
}

0 comments on commit 70191ff

Please sign in to comment.