Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #163

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
184 changes: 184 additions & 0 deletions examples/gatsbygram/.snyk
Original file line number Diff line number Diff line change
@@ -0,0 +1,184 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby-plugin-offline > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby-plugin-sharp > lodash:
patched: '2020-04-30T22:15:28.263Z'
- typography > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > css-loader > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > devcert > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint-plugin-flowtype > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint-plugin-graphql > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-telemetry > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-plugin-page-creator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby-plugin-sharp > async > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > webpack-merge > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby-plugin-offline > cheerio > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @typescript-eslint/parser > @typescript-eslint/typescript-estree > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-eslint > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint > inquirer > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint > table > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint-plugin-graphql > graphql-config > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-telemetry > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-plugin-page-creator > gatsby-page-utils > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > optimize-css-assets-webpack-plugin > last-call-webpack-plugin > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > react-dev-utils > inquirer > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > webpack-dev-server > http-proxy-middleware > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @typescript-eslint/parser > @typescript-eslint/experimental-utils > @typescript-eslint/typescript-estree > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-eslint > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @pmmmwh/react-refresh-webpack-plugin > react-dev-utils > inquirer > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > yurnalist > inquirer > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > eslint-plugin-graphql > graphql-config > graphql-import > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > gatsby-telemetry > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > webpack-dev-server > portfinder > async > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-04-30T22:15:28.263Z'
10 changes: 7 additions & 3 deletions examples/gatsbygram/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,8 @@
"request": "^2.79.0",
"slug": "^0.9.1",
"typeface-space-mono": "0.0.54",
"typography": "^0.16.6"
"typography": "^0.16.6",
"snyk": "^1.316.1"
},
"keywords": [
"gatsby"
Expand All @@ -48,10 +49,13 @@
"build": "gatsby build",
"deploy": "gatsby build --prefix-paths && gh-pages -d public",
"cy:open": "cypress open",
"cy:run": "cypress run --browser chrome"
"cy:run": "cypress run --browser chrome",
"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect"
},
"devDependencies": {
"cypress": "^3.1.0",
"start-server-and-test": "^1.1.4"
}
},
"snyk": true
}