From a0e801737404f02e6e6af312c69e310748308edb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 17 Aug 2021 04:40:25 +0000 Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-EJS-1049328 - https://snyk.io/vuln/SNYK-JS-ISSVG-1085627 - https://snyk.io/vuln/SNYK-JS-ISSVG-1243891 - https://snyk.io/vuln/SNYK-JS-JSYAML-173999 - https://snyk.io/vuln/SNYK-JS-JSYAML-174129 - https://snyk.io/vuln/SNYK-JS-NODENOTIFIER-1035794 - https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640 - https://snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-536840 - https://snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-570062 - https://snyk.io/vuln/SNYK-JS-SOCKJS-575261 - https://snyk.io/vuln/SNYK-JS-SSRI-1246392 - https://snyk.io/vuln/SNYK-JS-WEBPACKBUNDLEANALYZER-174190 - https://snyk.io/vuln/SNYK-JS-WS-1296835 - https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- .snyk | 272 +++++++++++++++++++++++++++++++++++++++++++++++++++ package.json | 22 +++-- 2 files changed, 285 insertions(+), 9 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000000..e25ea15969 --- /dev/null +++ b/.snyk @@ -0,0 +1,272 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.21.5 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - enzyme-to-json > lodash: + patched: '2021-08-17T04:40:21.938Z' + - html-webpack-plugin > lodash: + patched: '2021-08-17T04:40:21.938Z' + - webpack-bundle-analyzer > lodash: + patched: '2021-08-17T04:40:21.938Z' + - webpack-manifest-plugin > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-block-scoping > lodash': + patched: '2021-08-17T04:40:21.938Z' + - babel-eslint > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-plugin-transform-builtin-extend > babel-template > lodash: + patched: '2021-08-17T04:40:21.938Z' + - enzyme > cheerio > lodash: + patched: '2021-08-17T04:40:21.938Z' + - webpack-dev-server > http-proxy-middleware > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-modules-umd > @babel/helper-module-transforms > lodash': + patched: '2021-08-17T04:40:21.938Z' + - babel-eslint > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-plugin-transform-builtin-extend > babel-template > babel-types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-plugin-transform-builtin-extend > babel-template > babel-traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-parameters > @babel/helper-call-delegate > @babel/traverse > lodash': + patched: '2021-08-17T04:40:21.938Z' + - babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > @babel/core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > @babel/core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-plugin-transform-builtin-extend > babel-template > babel-traverse > babel-types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-api > async > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > lodash': + patched: '2021-08-17T04:40:21.938Z' + - babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > @babel/core > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > @babel/core > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-api > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-resolve-dependencies > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > jest-jasmine2 > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-jasmine2 > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > @babel/core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > @babel/core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > @babel/core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash': + patched: '2021-08-17T04:40:21.938Z' + - babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-api > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > jest-jasmine2 > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-jasmine2 > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > @babel/core > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > @babel/core > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > @babel/core > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > jest-jasmine2 > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-jasmine2 > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > jest-jasmine2 > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > @babel/core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-api > istanbul-reports > handlebars > async > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash': + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-api > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-jasmine2 > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > jest-jasmine2 > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > @babel/core > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > jest-jasmine2 > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > jest-jasmine2 > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - '@babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash': + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > istanbul-api > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-jasmine2 > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > jest-jasmine2 > jest-snapshot > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/generator > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > jest-jasmine2 > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - jest > jest-cli > jest-runner > jest-runtime > jest-config > babel-jest > babel-plugin-istanbul > istanbul-lib-instrument > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2021-08-17T04:40:21.938Z' + - eslint > lodash: + patched: '2021-08-17T04:40:21.938Z' + - eslint-plugin-flowtype > lodash: + patched: '2021-08-17T04:40:21.938Z' + - eslint > inquirer > lodash: + patched: '2021-08-17T04:40:21.938Z' + - eslint > table > lodash: + patched: '2021-08-17T04:40:21.938Z' diff --git a/package.json b/package.json index 9952a28789..b59f4c877f 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,9 @@ "test:watch": "jest --watch", "cypress:install": "npm install --no-save cypress@~4.5.0 @percy/agent@0.26.2 @percy/cypress@^2.2.0 atob@2.1.2", "cypress": "node client/cypress/cypress.js", - "postinstall": "(cd viz-lib && npm ci && npm run build:babel)" + "postinstall": "(cd viz-lib && npm ci && npm run build:babel)", + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "repository": { "type": "git", @@ -75,7 +77,8 @@ "react-virtualized": "^9.21.2", "universal-router": "^8.3.0", "use-debounce": "^3.1.0", - "use-media": "^1.4.0" + "use-media": "^1.4.0", + "@snyk/protect": "latest" }, "devDependencies": { "@babel/core": "^7.2.2", @@ -89,8 +92,8 @@ "babel-jest": "^24.1.0", "babel-loader": "^8.0.5", "babel-plugin-transform-builtin-extend": "^1.1.2", - "copy-webpack-plugin": "^4.5.3", - "css-loader": "^0.28.7", + "copy-webpack-plugin": "^5.1.2", + "css-loader": "^2.0.0", "enzyme": "^3.8.0", "enzyme-adapter-react-16": "^1.7.1", "enzyme-to-json": "^3.3.5", @@ -124,10 +127,10 @@ "request": "^2.88.0", "url-loader": "^1.1.2", "webpack": "^4.20.2", - "webpack-build-notifier": "^0.1.30", - "webpack-bundle-analyzer": "^2.11.1", - "webpack-cli": "^3.1.2", - "webpack-dev-server": "^3.1.9", + "webpack-build-notifier": "^1.2.2", + "webpack-bundle-analyzer": "^4.0.0", + "webpack-cli": "^3.3.5", + "webpack-dev-server": "^3.11.0", "webpack-manifest-plugin": "^2.0.4" }, "optionalDependencies": { @@ -164,5 +167,6 @@ "and_ff >= 64", "and_uc >= 11.8", "samsung >= 6.2" - ] + ], + "snyk": true }