From e83268ba499c6bf0c8325c338eaae37b181a5f2e Mon Sep 17 00:00:00 2001 From: snyk-test Date: Mon, 8 Jul 2019 08:38:11 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 27 ++++++++++++++++++++++++++- package.json | 2 +- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/.snyk b/.snyk index 4a43212..18ce95d 100644 --- a/.snyk +++ b/.snyk @@ -1,8 +1,33 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.10.2 +version: v1.13.5 ignore: {} # patches apply the minimum changes required to fix a vulnerability patch: 'npm:request:20160119': - express-uglify > winston > loggly > request: patched: '2018-02-28T13:04:50.087Z' + SNYK-JS-LODASH-450202: + - snyk > snyk-nuget-plugin > lodash: + patched: '2019-07-08T08:38:09.775Z' + - lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > @snyk/dep-graph > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > inquirer > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > snyk-mvn-plugin > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > snyk-nodejs-lockfile-parser > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > snyk-config > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > snyk-go-plugin > graphlib > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2019-07-08T08:38:09.775Z' + - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash: + patched: '2019-07-08T08:38:09.775Z' diff --git a/package.json b/package.json index 399cbad..270b32f 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "express-uglify": "*", "lodash": "~4.17.5", "btoa": "~1.1.0", - "snyk": "^1.69.10" + "snyk": "^1.192.3" }, "devDependencies": { "grunt": "~0.4.1",