From ca0b7667dd8d56d5c9401f7929fd89fbe10ed170 Mon Sep 17 00:00:00 2001 From: snyk-test Date: Tue, 16 Jul 2019 15:17:01 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 18 ++++++++ package.json | 125 ++++++++++++++++++++++++++------------------------- 2 files changed, 82 insertions(+), 61 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..99c2ab3 --- /dev/null +++ b/.snyk @@ -0,0 +1,18 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.13.5 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-450202: + - jest > jest-cli > @jest/core > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2019-07-16T15:16:59.176Z' + - jest > jest-cli > @jest/core > jest-runtime > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2019-07-16T15:16:59.176Z' + - jest > jest-cli > @jest/core > jest-runner > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2019-07-16T15:16:59.176Z' + - jest > jest-cli > @jest/core > @jest/reporters > jest-runtime > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2019-07-16T15:16:59.176Z' + - jest > jest-cli > @jest/core > jest-runner > jest-runtime > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2019-07-16T15:16:59.176Z' + - jest > jest-cli > @jest/core > jest-runner > jest-jasmine2 > jest-runtime > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2019-07-16T15:16:59.176Z' diff --git a/package.json b/package.json index e2c3bc7..2063060 100644 --- a/package.json +++ b/package.json @@ -1,63 +1,66 @@ { - "name": "mtsc", - "version": "3.2.0", - "description": "Monorepo solution for multiple typescript projects. Watch multiple typescript compilers concurrently at the same time, without losing output!", - "main": "lib/index.js", - "scripts": { - "prepublish": "yarn build", - "build": "rm -rf lib && tsc", - "test": "jest", - "test:watch": "jest --watch --coverage", - "test:travis": "jest --coverage && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js && rm -rf ./coverage" - }, - "repository": { - "type": "git", - "url": "git+https://github.com/guidojo/multipleTypescriptCompilers.git" - }, - "keywords": [ - "mono", - "repo", - "monorepo", - "multiple", - "typescript", - "projects", - "compilers", - "compilations", - "concurrent", - "vscode", - "tasks", - "tsc", - "tslint" - ], - "author": "guidojo", - "license": "Apache-2.0", - "bugs": { - "url": "https://github.com/guidojo/multipleTypescriptCompilers/issues" - }, - "homepage": "https://github.com/guidojo/multipleTypescriptCompilers#readme", - "dependencies": { - "colors": "^1.3.3", - "commander": "^2.20.0", - "moment": "^2.24.0", - "shelljs": "^0.8.3" - }, - "peerDependencies": { - "tslint": "^5.0.0" - }, - "devDependencies": { - "@types/colors": "^1.2.1", - "@types/jest": "^24.0.15", - "@types/node": "^6.0.87", - "@types/shelljs": "^0.8.5", - "coveralls": "^3.0.5", - "jest": "^24.8.0", - "prettier": "^1.18.2", - "ts-jest": "^24.0.2", - "tslint": "^5.18.0", - "typescript": "^3.5.3", - "typescript-tslint-plugin": "^0.5.4" - }, - "bin": { - "mtsc": "./bin/mtsc" - } + "name": "mtsc", + "version": "3.2.0", + "description": "Monorepo solution for multiple typescript projects. Watch multiple typescript compilers concurrently at the same time, without losing output!", + "main": "lib/index.js", + "scripts": { + "prepublish": "npm run snyk-protect; yarn build", + "build": "rm -rf lib && tsc", + "test": "jest", + "test:watch": "jest --watch --coverage", + "test:travis": "jest --coverage && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js && rm -rf ./coverage", + "snyk-protect": "snyk protect" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/guidojo/multipleTypescriptCompilers.git" + }, + "keywords": [ + "mono", + "repo", + "monorepo", + "multiple", + "typescript", + "projects", + "compilers", + "compilations", + "concurrent", + "vscode", + "tasks", + "tsc", + "tslint" + ], + "author": "guidojo", + "license": "Apache-2.0", + "bugs": { + "url": "https://github.com/guidojo/multipleTypescriptCompilers/issues" + }, + "homepage": "https://github.com/guidojo/multipleTypescriptCompilers#readme", + "dependencies": { + "colors": "^1.3.3", + "commander": "^2.20.0", + "moment": "^2.24.0", + "shelljs": "^0.8.3", + "snyk": "^1.193.2" + }, + "peerDependencies": { + "tslint": "^5.0.0" + }, + "devDependencies": { + "@types/colors": "^1.2.1", + "@types/jest": "^24.0.15", + "@types/node": "^6.0.87", + "@types/shelljs": "^0.8.5", + "coveralls": "^3.0.5", + "jest": "^24.8.0", + "prettier": "^1.18.2", + "ts-jest": "^24.0.2", + "tslint": "^5.18.0", + "typescript": "^3.5.3", + "typescript-tslint-plugin": "^0.5.4" + }, + "bin": { + "mtsc": "./bin/mtsc" + }, + "snyk": true }