Commit Graph

11 Commits

Author SHA1 Message Date
curben 28ff8fcb22 chore: update expiry of snyk ignore policy
Updated 'renovate' package has fixed vulnerabilities.
2018-12-31 21:26:28 +10:30
curben efe8183b85 test: fix snyk unable to patch
snyk requires GNU's patch that support --backup argument,
the argument is not supported by alpine built-in busybox's patch

https://github.com/snyk/snyk/issues/108#issuecomment-412937627
https://github.com/snyk/snyk/issues/99#issuecomment-322202989

previous commit (faa286cb5f) did not fix
2018-10-30 20:29:09 +10:30
curben d44428f41a test: hold back snyk patch due to failure 2018-10-28 20:53:06 +10:30
curben faa286cb5f test: fix snyk unable to patch 2018-10-28 19:03:30 +10:30
curben 6b71cb0ad6 test: update snyk policy to address renovate package 2018-10-28 18:02:45 +10:30
curben bb89c070b1 Add ignore policy to snyk 2018-10-11 11:38:56 +10:30
curben be05e66517 Update snyk policy 2018-09-30 18:01:45 +09:30
curben e32264c365 Replace hexo-autonofollow with hexo-filter-nofollow
hexo-filter-nofollow has updated cheerio
https://snyk.io/test/npm/hexo-suka-autonofollow
2018-09-28 12:17:40 +09:30
curben 2e7d211a4f Remove hexo-all-minifier snyk patches
Not applicable anymore
cc1b2fc204
2018-09-27 21:51:53 +09:30
curben 1b594c706e Add snyk to CI
Use proper snyk flow https://snyk.io/docs/using-snyk/
2018-09-25 10:29:43 +09:30
curben f500d2443d fix: .snyk & package.json to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:tunnel-agent:20170305
2018-09-24 18:22:28 +09:30