From 0143830abd7a2c87127c5c7ecd658895e8a71d35 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 7 Jul 2023 20:38:14 +0000 Subject: [PATCH] fix: tools/node_modules/eslint/node_modules/wrappy/package.json & tools/node_modules/eslint/node_modules/wrappy/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 - https://snyk.io/vuln/SNYK-JS-HAWK-2808852 - https://snyk.io/vuln/SNYK-JS-JSYAML-173999 - https://snyk.io/vuln/SNYK-JS-JSYAML-174129 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASH-73638 - https://snyk.io/vuln/SNYK-JS-LODASH-73639 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388 - https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818 - https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795 - https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 - https://snyk.io/vuln/npm:hoek:20180212 - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:minimatch:20160620 - https://snyk.io/vuln/npm:tunnel-agent:20170305 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:hawk:20160119 - https://snyk.io/vuln/npm:http-signature:20150122 - https://snyk.io/vuln/npm:mime:20170907 - https://snyk.io/vuln/npm:request:20160119 - https://snyk.io/vuln/npm:tunnel-agent:20170305 --- .../eslint/node_modules/wrappy/.snyk | 30 +++++++++++++++++++ .../eslint/node_modules/wrappy/package.json | 13 +++++--- 2 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 tools/node_modules/eslint/node_modules/wrappy/.snyk diff --git a/tools/node_modules/eslint/node_modules/wrappy/.snyk b/tools/node_modules/eslint/node_modules/wrappy/.snyk new file mode 100644 index 00000000000000..e7a626cd38529e --- /dev/null +++ b/tools/node_modules/eslint/node_modules/wrappy/.snyk @@ -0,0 +1,30 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:hawk:20160119': + - tap > codecov.io > request > hawk: + patched: '2023-07-07T20:38:00.075Z' + id: 'npm:hawk:20160119' + path: tap > codecov.io > request > hawk + 'npm:http-signature:20150122': + - tap > codecov.io > request > http-signature: + patched: '2023-07-07T20:38:00.075Z' + id: 'npm:http-signature:20150122' + path: tap > codecov.io > request > http-signature + 'npm:mime:20170907': + - tap > codecov.io > request > form-data > mime: + patched: '2023-07-07T20:38:00.075Z' + id: 'npm:mime:20170907' + path: tap > codecov.io > request > form-data > mime + 'npm:request:20160119': + - tap > codecov.io > request: + patched: '2023-07-07T20:38:00.075Z' + id: 'npm:request:20160119' + path: tap > codecov.io > request + 'npm:tunnel-agent:20170305': + - tap > codecov.io > request > tunnel-agent: + patched: '2023-07-07T20:38:00.075Z' + id: 'npm:tunnel-agent:20170305' + path: tap > codecov.io > request > tunnel-agent diff --git a/tools/node_modules/eslint/node_modules/wrappy/package.json b/tools/node_modules/eslint/node_modules/wrappy/package.json index 130752046714d6..3b4b9a7c12ad87 100644 --- a/tools/node_modules/eslint/node_modules/wrappy/package.json +++ b/tools/node_modules/eslint/node_modules/wrappy/package.json @@ -9,12 +9,16 @@ "directories": { "test": "test" }, - "dependencies": {}, + "dependencies": { + "@snyk/protect": "latest" + }, "devDependencies": { - "tap": "^2.3.1" + "tap": "^14.6.8" }, "scripts": { - "test": "tap --coverage test/*.js" + "test": "tap --coverage test/*.js", + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "repository": { "type": "git", @@ -25,5 +29,6 @@ "bugs": { "url": "https://github.com/npm/wrappy/issues" }, - "homepage": "https://github.com/npm/wrappy" + "homepage": "https://github.com/npm/wrappy", + "snyk": true }