From 750d748ce5b5d7ce21454c2fd3058d0cd673971f Mon Sep 17 00:00:00 2001 From: snyk-test Date: Wed, 10 Jul 2019 06:45:33 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 9 ++++++++- package.json | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.snyk b/.snyk index 2d304c0..28a7871 100644 --- a/.snyk +++ b/.snyk @@ -1,6 +1,13 @@ -version: v1.5.0 +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.13.5 ignore: {} +# patches apply the minimum changes required to fix a vulnerability patch: 'npm:minimatch:20160620': - forever > forever-monitor > minimatch: patched: '2016-10-12T18:45:57.119Z' + SNYK-JS-LODASH-450202: + - snyk > snyk-mvn-plugin > lodash: + patched: '2019-07-10T06:45:30.348Z' + - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash: + patched: '2019-07-10T06:45:30.348Z' diff --git a/package.json b/package.json index f33a538..1bfa59d 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,7 @@ "underscore.string": "^3.3.4", "url": "^0.11.0", "uuid": "^2.0.2", - "snyk": "^1.19.1" + "snyk": "^1.192.4" }, "devDependencies": { "ava": "^0.15.2",