fix: package.json, package-lock.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
randytarampi · Apr 30, 2020 · 9966aed · 9966aed
1 parent 2ba06c6
commit 9966aed
Showing 1 changed file with 78 additions and 1 deletion.
diff --git a/.snyk b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.13.5
+version: v1.14.1
 ignore: {}
 # patches apply the minimum changes required to fix a vulnerability
 patch:
@@ -28,3 +28,80 @@ patch:
         patched: '2019-07-05T19:11:51.851Z'
     - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash:
         patched: '2019-07-05T19:11:51.851Z'
+  SNYK-JS-LODASH-567746:
+    - '@semantic-release/git > lodash':
+        patched: '2020-04-30T19:49:19.439Z'
+    - semantic-release > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - gulp-eslint > eslint > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - mocha > yargs-unparser > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - semantic-release > @semantic-release/release-notes-generator > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > @snyk/ruby-semver > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > inquirer > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-config > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-mvn-plugin > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-nodejs-lockfile-parser > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-nuget-plugin > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - gulp-eslint > eslint > inquirer > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - gulp-eslint > eslint > table > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - gulp-mocha > mocha > yargs-unparser > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - semantic-release > @semantic-release/release-notes-generator > conventional-commits-parser > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - semantic-release > @semantic-release/release-notes-generator > conventional-changelog-writer > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > @snyk/dep-graph > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-go-plugin > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-nodejs-lockfile-parser > snyk-config > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-nuget-plugin > dotnet-deps-parser > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > @babel/helper-module-transforms > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/ruby-semver > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > snyk-config > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > @babel/helpers > @babel/traverse > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
+        patched: '2020-04-30T19:49:19.439Z'
+    - nyc > istanbul-lib-instrument > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
+        patched: '2020-04-30T19:49:19.439Z'