From 8a7f71a4921875c2c528ed8d63a40568ea2ff66b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 26 Apr 2023 20:41:56 +0000 Subject: [PATCH] fix: node_modules/wrappy/package.json & node_modules/wrappy/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 - https://snyk.io/vuln/SNYK-JS-HAWK-2808852 - https://snyk.io/vuln/SNYK-JS-JSYAML-173999 - https://snyk.io/vuln/SNYK-JS-JSYAML-174129 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-567746 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASH-73638 - https://snyk.io/vuln/SNYK-JS-LODASH-73639 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795 - https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 - https://snyk.io/vuln/npm:hoek:20180212 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:tunnel-agent:20170305 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:hawk:20160119 - https://snyk.io/vuln/npm:http-signature:20150122 - https://snyk.io/vuln/npm:mime:20170907 - https://snyk.io/vuln/npm:request:20160119 - https://snyk.io/vuln/npm:tunnel-agent:20170305 --- node_modules/wrappy/.snyk | 20 ++++++++++++++++++++ node_modules/wrappy/package.json | 13 +++++++++---- 2 files changed, 29 insertions(+), 4 deletions(-) create mode 100644 node_modules/wrappy/.snyk diff --git a/node_modules/wrappy/.snyk b/node_modules/wrappy/.snyk new file mode 100644 index 0000000000..4199543516 --- /dev/null +++ b/node_modules/wrappy/.snyk @@ -0,0 +1,20 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:hawk:20160119': + - tap > codecov.io > request > hawk: + patched: '2023-04-26T20:41:48.379Z' + 'npm:http-signature:20150122': + - tap > codecov.io > request > http-signature: + patched: '2023-04-26T20:41:48.379Z' + 'npm:mime:20170907': + - tap > codecov.io > request > form-data > mime: + patched: '2023-04-26T20:41:48.379Z' + 'npm:request:20160119': + - tap > codecov.io > request: + patched: '2023-04-26T20:41:48.379Z' + 'npm:tunnel-agent:20170305': + - tap > codecov.io > request > tunnel-agent: + patched: '2023-04-26T20:41:48.379Z' diff --git a/node_modules/wrappy/package.json b/node_modules/wrappy/package.json index 277d8831b5..cfe4b6a146 100644 --- a/node_modules/wrappy/package.json +++ b/node_modules/wrappy/package.json @@ -9,12 +9,16 @@ "directories": { "test": "test" }, - "dependencies": {}, + "dependencies": { + "@snyk/protect": "latest" + }, "devDependencies": { - "tap": "^2.3.1" + "tap": "^14.6.8" }, "scripts": { - "test": "tap --coverage test/*.js" + "test": "tap --coverage test/*.js", + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "repository": { "type": "git", @@ -25,5 +29,6 @@ "bugs": { "url": "https://github.com/npm/wrappy/issues" }, - "homepage": "https://github.com/npm/wrappy" + "homepage": "https://github.com/npm/wrappy", + "snyk": true } \ No newline at end of file