From a51ec3a202b8bf02ea7cb967ca457bf92b6b6af5 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 6 May 2020 07:59:33 +0300 Subject: [PATCH 1/2] fix: examples/client-only-paths/package.json & examples/client-only-paths/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- examples/client-only-paths/package.json | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/examples/client-only-paths/package.json b/examples/client-only-paths/package.json index 0e5ca9e383440..30ce1b77de8dc 100644 --- a/examples/client-only-paths/package.json +++ b/examples/client-only-paths/package.json @@ -15,13 +15,19 @@ "react-typography": "^0.15.0", "slash": "^1.0.0", "typography": "^0.15.8", - "typography-breakpoint-constants": "^0.14.0" + "typography-breakpoint-constants": "^0.14.0", + "snyk": "^1.319.0" }, - "keywords": ["gatsby"], + "keywords": [ + "gatsby" + ], "license": "MIT", "main": "n/a", "scripts": { "develop": "gatsby develop", - "build": "gatsby build" - } + "build": "gatsby build", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" + }, + "snyk": true } From fd05f616e7526338e27ed68d08da11daafd8be9e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 6 May 2020 07:59:34 +0300 Subject: [PATCH 2/2] fix: examples/client-only-paths/package.json & examples/client-only-paths/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- examples/client-only-paths/.snyk | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 examples/client-only-paths/.snyk diff --git a/examples/client-only-paths/.snyk b/examples/client-only-paths/.snyk new file mode 100644 index 0000000000000..97e78da7c04de --- /dev/null +++ b/examples/client-only-paths/.snyk @@ -0,0 +1,22 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - gatsby > gatsby-plugin-typescript > @babel/core > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/core > @babel/helper-module-transforms > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/core > @babel/helpers > @babel/traverse > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/preset-typescript > @babel/plugin-transform-typescript > @babel/helper-create-class-features-plugin > @babel/helper-replace-supers > @babel/traverse > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/preset-typescript > @babel/plugin-transform-typescript > @babel/helper-create-class-features-plugin > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/preset-typescript > @babel/plugin-transform-typescript > @babel/helper-create-class-features-plugin > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2020-05-06T04:59:30.502Z' + - gatsby > gatsby-plugin-typescript > @babel/preset-typescript > @babel/plugin-transform-typescript > @babel/helper-create-class-features-plugin > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash: + patched: '2020-05-06T04:59:30.502Z'