Skip to content

Commit

Permalink
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities (
Browse files Browse the repository at this point in the history 
DeviaVir#2018)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
- https://snyk.io/vuln/npm:request:20160119


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-450202

Co-authored-by: Chase <[email protected]>
  • Loading branch information
@snyk-bot @DeviaVir @YarnSeemannsgarn
2 people authored and YarnSeemannsgarn committed Apr 15, 2020
1 parent 5729741 commit d3e0f9f
Show file tree
Hide file tree
Showing 3 changed files with 1,817 additions and 98 deletions.
8 changes: 8 additions & 0 deletions .snyk
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-450202:
- adamant-api > bitcore-mnemonic > bitcore-lib > lodash:
patched: '2020-03-25T09:47:35.751Z'
Loading

0 comments on commit d3e0f9f

Please sign in to comment.