From c1d939e7b362d61784ab5d3771c6696eec7dde9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tao=20Bojl=C3=A9n?= <2803708-tao_oat@users.noreply.gitlab.com> Date: Tue, 6 Oct 2020 14:16:23 +0000 Subject: [PATCH] fix: frontend/package.json, frontend/yarn.lock & frontend/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- frontend/.snyk | 62 ++++++++++++++++++++++++++++++++++++++++++++++ frontend/yarn.lock | 2 +- 2 files changed, 63 insertions(+), 1 deletion(-) diff --git a/frontend/.snyk b/frontend/.snyk index fc46b92..1dec316 100644 --- a/frontend/.snyk +++ b/frontend/.snyk @@ -9918,3 +9918,65 @@ patch: patched: '2020-10-06T13:34:20.685Z' - react-scripts > jest > jest-cli > @jest/core > @jest/reporters > jest-runtime > jest-config > @jest/test-sequencer > jest-runner > jest-jasmine2 > @jest/environment > @jest/transform > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash: patched: '2020-10-06T13:34:20.685Z' + - snyk > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > babel-plugin-styled-components > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-go-plugin > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/helper-module-imports > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/generator > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-go-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-cpp-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-docker-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-gradle-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-docker-plugin > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-gradle-plugin > @snyk/java-call-graph-builder > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > babel-plugin-styled-components > @babel/helper-module-imports > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/generator > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/helper-function-name > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > babel-plugin-styled-components > @babel/helper-annotate-as-pure > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-gradle-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-mvn-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-php-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - snyk > snyk-python-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/helper-function-name > @babel/helper-get-function-arity > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' + - styled-components > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash: + patched: '2020-10-06T14:09:33.931Z' diff --git a/frontend/yarn.lock b/frontend/yarn.lock index 9f51657..81c95c5 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -11729,7 +11729,7 @@ snyk-try-require@1.3.1, snyk-try-require@^1.1.1, snyk-try-require@^1.3.1: lru-cache "^4.0.0" then-fs "^2.0.0" -snyk@^1.410.0: +snyk@1.410.0, snyk@^1.410.0: version "1.410.0" resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.410.0.tgz#27d0fe70a6caa41a6db54fe27e0646deb18f4c14" integrity sha512-BtLewroZM7RJ7tNKVC7bGuHXmvtQHiJemGyqINpFh7gcJCYdYCmUyT0JLz626gaUBwIhEPjrJpxC41oovnsvHA==