From 35cf024d4a056f6000e3f8e6d284d8810c137aeb Mon Sep 17 00:00:00 2001 From: snyk-test Date: Thu, 4 Jul 2019 19:14:28 +0000 Subject: [PATCH] fix: .snyk, package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 22 ++++++++++++++++++++++ package-lock.json | 20 ++++++++++---------- package.json | 2 +- 3 files changed, 33 insertions(+), 11 deletions(-) diff --git a/.snyk b/.snyk index 26501b5..49bef8b 100644 --- a/.snyk +++ b/.snyk @@ -8,3 +8,25 @@ patch: patched: '2019-07-03T21:06:51.075Z' - restify > restify-errors > lodash: patched: '2019-07-03T21:06:51.075Z' + - snyk > snyk-config > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > snyk-nodejs-lockfile-parser > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > snyk-mvn-plugin > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > @snyk/dep-graph > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > snyk-nuget-plugin > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > inquirer > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > snyk-go-plugin > graphlib > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2019-07-04T19:13:58.288Z' + - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash: + patched: '2019-07-04T19:13:58.288Z' diff --git a/package-lock.json b/package-lock.json index cbd5244..575778b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4256,9 +4256,9 @@ } }, "jszip": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/jszip/-/jszip-3.2.1.tgz", - "integrity": "sha512-iCMBbo4eE5rb1VCpm5qXOAaUiRKRUKiItn8ah2YQQx9qymmSAY98eyQfioChEYcVQLh0zxJ3wS4A0mh90AVPvw==", + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jszip/-/jszip-3.2.2.tgz", + "integrity": "sha512-NmKajvAFQpbg3taXQXr/ccS2wcucR1AZ+NtyWp2Nq7HHVsXhcJFR8p0Baf32C2yVvBylFWVeKf+WI2AnvlPhpA==", "requires": { "lie": "~3.3.0", "pako": "~1.0.2", @@ -6460,9 +6460,9 @@ } }, "snyk": { - "version": "1.189.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.189.0.tgz", - "integrity": "sha512-oaWsFAoRlpAOaUBCyskHtxdMMXeOG0PS8dzo3fmUmMbLzfDY7ZqvX8nLe2ALrKa+QRZshbrGy62107LoAksEYQ==", + "version": "1.192.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.192.0.tgz", + "integrity": "sha512-+js/wtkeFndQRnHayPZLtqL0BJcDIICV2BdmtJZlYkGE+Jthm76tazJlpYWCAXe6D3VzSXE15Mb9drMp1vH4Fg==", "requires": { "@snyk/dep-graph": "1.8.1", "@snyk/gemfile": "1.2.0", @@ -6496,7 +6496,7 @@ "snyk-python-plugin": "1.10.2", "snyk-resolve": "1.0.1", "snyk-resolve-deps": "4.0.3", - "snyk-sbt-plugin": "2.5.2", + "snyk-sbt-plugin": "2.5.5", "snyk-tree": "^1.0.0", "snyk-try-require": "1.3.1", "source-map-support": "^0.5.11", @@ -6954,9 +6954,9 @@ } }, "snyk-sbt-plugin": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/snyk-sbt-plugin/-/snyk-sbt-plugin-2.5.2.tgz", - "integrity": "sha512-2PNxLpTmazSArZlDTTF72lG7kXStHcqQsTaFRulU5InelAbI9GGK1/taI++qbdMhHjxRUKuYMsXyttxIBfSQTg==", + "version": "2.5.5", + "resolved": "https://registry.npmjs.org/snyk-sbt-plugin/-/snyk-sbt-plugin-2.5.5.tgz", + "integrity": "sha512-oSybTDLw8VF2nOdlbL7GRHafCxsM6ydTH6hKacvpN6mYDbNaohscAWB/FjLIPCCimVorWldEdSdotSCukq2eYg==", "requires": { "child_process": "1.0.2", "fs": "0.0.1-security", diff --git a/package.json b/package.json index 8c81548..52b9844 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "pi-spi": "^1.0.3", "restify": "^6.4.0", "vm2": "^3.6.10", - "snyk": "^1.189.0" + "snyk": "^1.192.0" }, "devDependencies": { "eslint": "^4.19.1",