curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity
blog/.snyk

20 lines
691 B
Plaintext
Raw Normal View History

fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:tunnel-agent:20170305
2018-09-24 08:27:53 +00:00
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
chore: update snyk policy https://snyk.io/vuln/SNYK-JS-MARKED-174116
2019-04-12 03:27:47 +00:00
version: v1.13.5
Add snyk to CI Use proper snyk flow https://snyk.io/docs/using-snyk/
2018-09-25 00:16:25 +00:00
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
test(snyk): add mem, introduced by renovate
2019-08-11 01:36:16 +00:00
ignore:
chore(snyk): patch lodash https://snyk.io/vuln/SNYK-JS-LODASH-567746
2020-05-04 10:29:53 +00:00
SNYK-JS-YARGSPARSER-560381:
chore(snyk): ignore DOTPROP & YARGSPARSER
2020-03-28 06:08:12 +00:00
- '*':
chore(snyk): ignore 'SNYK-JS-YARGSPARSER-560381' Remove past vulnerabilities
2020-07-21 07:39:05 +00:00
reason: Update unreliable
expires: '2020-09-30T00:00:00.000Z'
ci(snyk): update policy
2019-10-17 03:41:00 +00:00
# patches apply the minimum changes required to fix a vulnerability
chore(snyk): patch lodash https://snyk.io/vuln/SNYK-JS-LODASH-567746
2020-05-04 10:29:53 +00:00
patch:
SNYK-JS-LODASH-567746:
- hexo > lodash:
patched: '2020-05-04T00:00:00.000Z'
chore(snyk): add 'SNYK-JS-MARKDOWN-560793' and 'SNYK-JS-LODASH-567746'
2020-05-05 06:02:15 +00:00
renovate > lodash:
patched: '2020-05-04T00:00:00.000Z'
chore(snyk): patch '@snyk/ruby-semver'
2020-05-15 08:14:44 +00:00
renovate > @snyk/ruby-semver > lodash:
patched: '2020-05-15T00:00:00.000Z'
chore(snyk): patch lodash
2020-06-23 04:29:13 +00:00
lodash:
patched: '2020-06-22T00:00:00.000Z'