Skip to content

Commit c91fe41

Browse files
snyk-bottravi
snyk-bot
authored and
travi
committed
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
1 parent 09bd8ab commit c91fe41

File tree

3 files changed

+133
-31
lines changed

3 files changed

+133
-31
lines changed

.snyk

+37-1
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
2-
version: v1.14.1
2+
version: v1.19.0
33
ignore: {}
44
# patches apply the minimum changes required to fix a vulnerability
55
patch:
@@ -8,3 +8,39 @@ patch:
88
patched: '2020-05-01T05:54:49.685Z'
99
- '@travi/travi.org-core-components > @emotion/core > @emotion/css > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash':
1010
patched: '2020-05-01T05:54:49.685Z'
11+
- snyk > graphlib > lodash:
12+
patched: '2020-11-27T22:42:01.337Z'
13+
- snyk > @snyk/dep-graph > graphlib > lodash:
14+
patched: '2020-11-27T22:42:01.337Z'
15+
- snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
16+
patched: '2020-11-27T22:42:01.337Z'
17+
- snyk > snyk-go-plugin > graphlib > lodash:
18+
patched: '2020-11-27T22:42:01.337Z'
19+
- snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash:
20+
patched: '2020-11-27T22:42:01.337Z'
21+
- snyk > snyk-cpp-plugin > @snyk/dep-graph > graphlib > lodash:
22+
patched: '2020-11-27T22:42:01.337Z'
23+
- snyk > snyk-docker-plugin > @snyk/dep-graph > graphlib > lodash:
24+
patched: '2020-11-27T22:42:01.337Z'
25+
- snyk > snyk-go-plugin > @snyk/dep-graph > graphlib > lodash:
26+
patched: '2020-11-27T22:42:01.337Z'
27+
- snyk > snyk-gradle-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
28+
patched: '2020-11-27T22:42:01.337Z'
29+
- snyk > snyk-docker-plugin > snyk-nodejs-lockfile-parser > graphlib > lodash:
30+
patched: '2020-11-27T22:42:01.337Z'
31+
- snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash:
32+
patched: '2020-11-27T22:42:01.337Z'
33+
- snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
34+
patched: '2020-11-27T22:42:01.337Z'
35+
- snyk > snyk-php-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
36+
patched: '2020-11-27T22:42:01.337Z'
37+
- snyk > snyk-python-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
38+
patched: '2020-11-27T22:42:01.337Z'
39+
- snyk > snyk-gradle-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
40+
patched: '2020-11-27T22:42:01.337Z'
41+
- snyk > snyk-mvn-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
42+
patched: '2020-11-27T22:42:01.337Z'
43+
- snyk > snyk-python-plugin > snyk-poetry-lockfile-parser > @snyk/dep-graph > graphlib > lodash:
44+
patched: '2020-11-27T22:42:01.337Z'
45+
- snyk > snyk-python-plugin > snyk-poetry-lockfile-parser > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash:
46+
patched: '2020-11-27T22:42:01.337Z'

package-lock.json

+95-29
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@
107107
"@travi/travi.org-core-components": "1.1.0",
108108
"polished": "^4.0.0",
109109
"prop-types": "15.7.2",
110-
"snyk": "^1.425.4",
110+
"snyk": "^1.431.2",
111111
"travi": "1.0.0"
112112
},
113113
"snyk": true

0 commit comments

Comments
 (0)