From 1a60c07e2d4db1115f4bce24ced6e08601dacf38 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 3 May 2020 02:02:29 +0200 Subject: [PATCH 1/2] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- package.json | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index f4436da..442e02c 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,9 @@ "version": "2.1.5", "description": "A simple command line prompt enhancer that shows the state of the current git repo (ps1)", "scripts": { - "test": "standard" + "test": "standard", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "bin": { "git-ps1": "bin/git-ps1" @@ -13,7 +15,8 @@ "url": "https://github.com/watson/git-ps1.git" }, "dependencies": { - "git-state": "^3.0.0" + "git-state": "^3.0.0", + "snyk": "^1.316.2" }, "devDependencies": { "standard": "^8.1.0" @@ -46,5 +49,6 @@ "coordinates": [ 41.3264437, -72.9186525 - ] + ], + "snyk": true } From d1b0ef3e866343a3c8f30f10ed72b92ef4531a29 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 3 May 2020 02:02:30 +0200 Subject: [PATCH 2/2] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- .snyk | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..ace5480 --- /dev/null +++ b/.snyk @@ -0,0 +1,12 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - standard > eslint > lodash: + patched: '2020-05-03T00:02:26.358Z' + - standard > eslint > inquirer > lodash: + patched: '2020-05-03T00:02:26.358Z' + - standard > eslint > table > lodash: + patched: '2020-05-03T00:02:26.358Z'