diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..ac23da7 --- /dev/null +++ b/.snyk @@ -0,0 +1,50 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - '@testing-library/jest-dom > lodash': + patched: '2022-10-01T18:55:19.451Z' + - antd > lodash: + patched: '2022-10-01T18:55:19.451Z' + - antd > rc-form > lodash: + patched: '2022-10-01T18:55:19.451Z' + - antd > rc-steps > lodash: + patched: '2022-10-01T18:55:19.451Z' + - antd > rc-table > lodash: + patched: '2022-10-01T18:55:19.451Z' + - antd > rc-tabs > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > @babel/core > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > eslint > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > eslint-plugin-flowtype > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > html-webpack-plugin > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > webpack-manifest-plugin > lodash: + patched: '2022-10-01T18:55:19.451Z' + - antd > rc-editor-mention > rc-editor-core > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > @babel/core > @babel/traverse > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > eslint > inquirer > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > eslint > table > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > optimize-css-assets-webpack-plugin > last-call-webpack-plugin > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > react-dev-utils > inquirer > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > webpack-dev-server > http-proxy-middleware > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > @svgr/webpack > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > webpack-dev-server > portfinder > async > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > @svgr/webpack > @babel/preset-env > @babel/plugin-transform-modules-amd > @babel/helper-module-transforms > lodash: + patched: '2022-10-01T18:55:19.451Z' + - react-scripts > jest-environment-jsdom-fourteen > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2022-10-01T18:55:19.451Z' diff --git a/package-lock.json b/package-lock.json index 43e0ead..fe065a6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1322,6 +1322,11 @@ "resolved": "https://registry.npmjs.org/@sheerun/mutationobserver-shim/-/mutationobserver-shim-0.3.2.tgz", "integrity": "sha512-vTCdPp/T/Q3oSqwHmZ5Kpa9oI7iLtGl3RQaA/NyLHikvcrPxACkkKVr/XzkSPJWXHRhKGzVvb0urJsbMlRxi1Q==" }, + "@snyk/protect": { + "version": "1.1019.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1019.0.tgz", + "integrity": "sha512-LuMrTKSuzQ6hcmD6H4mgjor1MwYJUVOT28ZuoFyNRwqW5Aowqf/0x5iZIYZDpTg5JR2yYARQS96uc3dbY3lDFA==" + }, "@svgr/babel-plugin-add-jsx-attribute": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-add-jsx-attribute/-/babel-plugin-add-jsx-attribute-4.2.0.tgz", diff --git a/package.json b/package.json index 55a8162..854353b 100644 --- a/package.json +++ b/package.json @@ -23,13 +23,16 @@ "react-router-dom": "^5.1.2", "react-scripts": "3.3.0", "rxjs": "^6.5.3", - "typescript": "~3.7.2" + "typescript": "~3.7.2", + "@snyk/protect": "latest" }, "scripts": { "start": "react-scripts start", "build": "react-scripts build", "test": "react-scripts test", - "eject": "react-scripts eject" + "eject": "react-scripts eject", + "prepare": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "eslintConfig": { "extends": "react-app" @@ -48,5 +51,6 @@ }, "devDependencies": { "@types/react-router-dom": "^5.1.3" - } + }, + "snyk": true }