Merge pull request #3 from hydro-dev/snyk-fix-5d0d867644550e6e77c32f6fc8876187

[Snyk] Fix for 1 vulnerabilities
4 years ago · 137c4fa40a
parent 0b4567b38d 5d2fdf5c14
commit 137c4fa40a
3 changed files with 1908 additions and 102 deletions
--- a/.snyk
+++ b/.snyk
@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.15.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - lodash:
+        patched: '2020-06-16T05:18:19.258Z'
--- a/package.json
+++ b/package.json
@ -28,7 +28,8 @@
    "nunjucks": "^3.2.1",
    "prismjs": "^1.20.0",
    "sockjs": "^0.3.20",
-        "systeminformation": "^4.26.5"
+    "systeminformation": "^4.26.5",
+    "snyk": "^1.341.1"
  },
  "devDependencies": {
    "eslint": "^6.8.0",
@ -44,7 +45,9 @@
    "build:all": "cd ui && yarn && yarn build:production && cd .. && yarn && yarn build:production",
    "start": "node hydro/loader.js",
    "pack": "pkg .",
-        "lint": "eslint build hydro module tool --fix"
+    "lint": "eslint build hydro module tool --fix",
+    "snyk-protect": "snyk protect",
+    "prepare": "yarn run snyk-protect"
  },
  "pkg": {
    "scripts": [
@ -53,5 +56,6 @@
    "assets": [
      ".build/module/**"
    ]
-    }
+  },
+  "snyk": true
 }
--- a/yarn.lock
+++ b/yarn.lock