mirror of https://gitlab.com/curben/blog
fix: .snyk & package.json to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:tunnel-agent:20170305
This commit is contained in:
parent
7efe6efef1
commit
f500d2443d
|
@ -0,0 +1,27 @@
|
|||
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
|
||||
version: v1.12.0
|
||||
ignore: {}
|
||||
# patches apply the minimum changes required to fix a vulnerability
|
||||
patch:
|
||||
'npm:lodash:20180130':
|
||||
- hexo-autonofollow > cheerio > lodash:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
'npm:tunnel-agent:20170305':
|
||||
- hexo-all-minifier > imagemin-gifsicle > gifsicle > bin-build > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-jpegtran > jpegtran-bin > bin-build > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-mozjpeg > mozjpeg > bin-build > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-optipng > optipng-bin > bin-build > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-gifsicle > gifsicle > bin-wrapper > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-jpegtran > jpegtran-bin > bin-wrapper > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-mozjpeg > mozjpeg > bin-wrapper > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-optipng > optipng-bin > bin-wrapper > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
||||
- hexo-all-minifier > imagemin-pngquant > pngquant-bin > bin-wrapper > download > caw > tunnel-agent:
|
||||
patched: '2018-09-24T08:27:51.828Z'
|
12
package.json
12
package.json
|
@ -16,6 +16,12 @@
|
|||
"hexo-renderer-ejs": "latest",
|
||||
"hexo-renderer-stylus": "latest",
|
||||
"hexo-renderer-marked": "latest",
|
||||
"hexo-server": "latest"
|
||||
}
|
||||
}
|
||||
"hexo-server": "latest",
|
||||
"snyk": "^1.97.1"
|
||||
},
|
||||
"scripts": {
|
||||
"snyk-protect": "snyk protect",
|
||||
"prepare": "npm run snyk-protect"
|
||||
},
|
||||
"snyk": true
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue