From fdd3f72affcb7cbb72eb02c5e0e6a840e14550db Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 Jun 2018 11:28:46 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:hoek:20180212 --- .snyk | 46 ++++++++++++++++++++++++++++++++++++++++++++++ package.json | 10 +++++++--- 2 files changed, 53 insertions(+), 3 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..d6b3adc --- /dev/null +++ b/.snyk @@ -0,0 +1,46 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.12.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:hoek:20180212': + - npm > node-gyp > request > hawk > sntp > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > request > hawk > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > request > hawk > sntp > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > request > hawk > cryptiles > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > node-gyp > request > hawk > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > node-gyp > request > hawk > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > node-gyp > request > hawk > sntp > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > node-gyp > request > hawk > cryptiles > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > node-gyp > request > hawk > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > node-gyp > request > hawk > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - node-sass-chokidar > node-sass > request > hawk > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > node-gyp > request > hawk > cryptiles > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > libcipm > npm-lifecycle > node-gyp > request > hawk > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > libcipm > npm-lifecycle > node-gyp > request > hawk > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > libcipm > npm-lifecycle > node-gyp > request > hawk > sntp > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > libcipm > npm-lifecycle > node-gyp > request > hawk > cryptiles > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > npm-lifecycle > node-gyp > request > hawk > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > npm-lifecycle > node-gyp > request > hawk > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > npm-lifecycle > node-gyp > request > hawk > sntp > hoek: + patched: '2018-06-20T11:28:44.870Z' + - npm > npm-lifecycle > node-gyp > request > hawk > cryptiles > boom > hoek: + patched: '2018-06-20T11:28:44.870Z' diff --git a/package.json b/package.json index c03ce99..5fd597c 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,9 @@ "build": "npm-run-all build-css build-js", "test": "react-scripts-ts test --env=jsdom", "eject": "react-scripts-ts eject", - "deploy:firebase": "npm run build && firebase deploy" + "deploy:firebase": "npm run build && firebase deploy", + "snyk-protect": "snyk protect", + "prepare": "npm run snyk-protect" }, "author": "Amir Movahedi", "license": "MIT", @@ -72,7 +74,8 @@ "reflect-metadata": "^0.1.10", "save": "^2.3.0", "typeface-roboto": "0.0.50", - "uuid": "^3.0.1" + "uuid": "^3.0.1", + "snyk": "^1.83.0" }, "devDependencies": { "@types/classnames": "^2.2.3", @@ -124,5 +127,6 @@ ], "bugs": { "url": "https://github.com/Qolzam/react-social-network/issues" - } + }, + "snyk": true }