curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity
blog/.snyk

22 lines
752 B
Plaintext
Raw Normal View History

fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:tunnel-agent:20170305
2018-09-24 08:27:53 +00:00
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
chore: update snyk policy https://snyk.io/vuln/SNYK-JS-MARKED-174116
2019-04-12 03:27:47 +00:00
version: v1.13.5
Add snyk to CI Use proper snyk flow https://snyk.io/docs/using-snyk/
2018-09-25 00:16:25 +00:00
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
chore: update snyk policy
2019-03-08 10:26:46 +00:00
SNYK-JS-LODASHMERGE-173732:
- hexo > cheerio > lodash.merge:
Update snyk policy
2018-09-30 08:31:45 +00:00
reason: Patch/update unavailable
chore: update expiry of snyk ignore policy Updated 'renovate' package has fixed vulnerabilities.
2018-12-31 10:56:28 +00:00
expires: '2019-12-31T00:00:00.000Z'
chore: update snyk policy
2019-04-05 01:08:40 +00:00
SNYK-JS-LODASHMERGE-173733:
- hexo > cheerio > lodash.merge:
reason: Patch/update unavailable
expires: '2019-12-31T00:00:00.000Z'
test(snyk): ignore set-value and mixin-deep * https://snyk.io/vuln/SNYK-JS-SETVALUE-450213 * https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 * Remove braces and marked
2019-06-21 04:09:29 +00:00
SNYK-JS-SETVALUE-450213:
- '*':
reason: Patch/update unavailable
expires: '2019-12-31T00:00:00.000Z'
SNYK-JS-MIXINDEEP-450212:
- '*':
chore: update snyk policy https://snyk.io/vuln/SNYK-JS-MARKED-174116
2019-04-12 03:27:47 +00:00
reason: Patch/update unavailable
expires: '2019-12-31T00:00:00.000Z'
chore: update snyk policy
2019-03-08 10:26:46 +00:00
patch: {}