Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #10

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a03c562
fix: packages/gatsby/package.json & packages/gatsby/.snyk to reduce v…
snyk-bot May 1, 2020
087569c
fix: packages/gatsby/package.json & packages/gatsby/.snyk to reduce v…
snyk-bot May 1, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
216 changes: 216 additions & 0 deletions packages/gatsby/.snyk
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,216 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-favicon > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-offline > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-sharp > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-remark-autolink-headers > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-transformer-remark > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > @babel/helper-module-transforms > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > css-loader > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > devcert > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint-plugin-flowtype > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint-plugin-graphql > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-telemetry > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-plugin-page-creator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-sharp > async > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > webpack-merge > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-favicon > favicons-webpack-plugin > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-offline > cheerio > lodash:
patched: '2020-05-01T00:26:10.038Z'
- typedoc-neo-theme > typedoc > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > @babel/helpers > @babel/traverse > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @typescript-eslint/parser > @typescript-eslint/typescript-estree > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-eslint > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint > inquirer > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint > table > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint-plugin-graphql > graphql-config > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-telemetry > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-plugin-page-creator > gatsby-page-utils > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > optimize-css-assets-webpack-plugin > last-call-webpack-plugin > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > react-dev-utils > inquirer > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > webpack-dev-server > http-proxy-middleware > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @typescript-eslint/parser > @typescript-eslint/experimental-utils > @typescript-eslint/typescript-estree > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@emotion/styled > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-eslint > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @pmmmwh/react-refresh-webpack-plugin > react-dev-utils > inquirer > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > yurnalist > inquirer > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > eslint-plugin-graphql > graphql-config > graphql-import > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > gatsby-telemetry > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > webpack-dev-server > portfinder > async > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@emotion/core > @emotion/css > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-emotion > @emotion/babel-preset-css-prop > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-emotion > @emotion/babel-preset-css-prop > @babel/plugin-transform-react-jsx > @babel/helper-builder-react-jsx-experimental > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby-plugin-emotion > @emotion/babel-preset-css-prop > @babel/plugin-transform-react-jsx > @babel/helper-builder-react-jsx-experimental > @babel/helper-annotate-as-pure > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
patched: '2020-05-01T00:26:10.038Z'
- '@babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash':
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T00:26:10.038Z'
10 changes: 7 additions & 3 deletions packages/gatsby/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,14 +56,17 @@
"unescape-html": "^1.1.0",
"unfetch": "^4.1.0",
"unified": "^7.1.0",
"xss": "^1.0.6"
"xss": "^1.0.6",
"snyk": "^1.316.1"
},
"scripts": {
"build:doc": "rm -rf .cache public && yarn build:api && gatsby build --prefix-paths \"$@\" && rsync -rtuc --delete public/ ../../docs/",
"build:api": "typedoc",
"develop": "gatsby develop",
"serve": "gatsby serve",
"test": "echo \"Write tests! -> https://gatsby.dev/unit-testing\""
"test": "echo \"Write tests! -> https://gatsby.dev/unit-testing\"",
"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect"
},
"repository": {
"type": "git",
Expand All @@ -73,5 +76,6 @@
"@types/babel__core": "7.1.3",
"@types/json-schema": "^7.0.4",
"@types/lodash": "^4.14.136"
}
},
"snyk": true
}