From 4d9369291694532222c7b76b47b87309b2303b06 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 24 Oct 2018 08:34:18 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:minimatch:20160620 --- .snyk | 8 ++++++++ package.json | 38 ++++++++++++++++++++++---------------- 2 files changed, 30 insertions(+), 16 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..aa65c65 --- /dev/null +++ b/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.12.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:minimatch:20160620': + - jssh-api-jssh > glob > minimatch: + patched: '2018-10-24T08:34:16.645Z' diff --git a/package.json b/package.json index 369f7d2..4d04f7a 100644 --- a/package.json +++ b/package.json @@ -1,18 +1,24 @@ { - "name": "jssh-api-jssh-bin", - "version": "0.0.2", - "description": "Commands for jssh that require compilation", - "main": "src/api.js", - "repository": { - "type" : "git", - "url" : "https://github.com/streamich/jssh-api-jssh-bin.git" - }, - "license": "Unlicense", - "dependencies": { - "jssh-api-jssh": "*", - "posix": "2.0.1" - }, - "devDependencies": { - "chai": "*" - } + "name": "jssh-api-jssh-bin", + "version": "0.0.2", + "description": "Commands for jssh that require compilation", + "main": "src/api.js", + "repository": { + "type": "git", + "url": "https://github.com/streamich/jssh-api-jssh-bin.git" + }, + "license": "Unlicense", + "dependencies": { + "jssh-api-jssh": "*", + "posix": "2.0.1", + "snyk": "^1.104.2" + }, + "devDependencies": { + "chai": "*" + }, + "scripts": { + "snyk-protect": "snyk protect", + "prepare": "npm run snyk-protect" + }, + "snyk": true } \ No newline at end of file