MDLeom
|
ed71f8bbed
|
chore(snyk): ignore 'SNYK-JS-YARGSPARSER-560381'
Remove past vulnerabilities
|
2020-07-21 08:39:05 +01:00 |
MDLeom
|
0f45693943
|
chore(snyk): patch lodash
|
2020-06-23 05:29:13 +01:00 |
MDLeom
|
09871aa8fe
|
chore(snyk): patch '@snyk/ruby-semver'
|
2020-05-15 09:14:44 +01:00 |
MDLeom
|
696bfbab40
|
chore(snyk): add 'SNYK-JS-MARKDOWN-560793' and 'SNYK-JS-LODASH-567746'
|
2020-05-05 07:02:15 +01:00 |
MDLeom
|
f09ef1d5bd
|
chore(snyk): patch lodash
https://snyk.io/vuln/SNYK-JS-LODASH-567746
|
2020-05-04 11:29:53 +01:00 |
MDLeom
|
eeb2570405
|
chore(snyk): ignore DOTPROP & YARGSPARSER
|
2020-03-28 06:08:12 +00:00 |
MDLeom
|
7814bc16fc
|
chore(snyk): ignore SNYK-JS-MINIMIST-559764
|
2020-03-14 05:13:13 +00:00 |
MDLeom
|
de4e8927a8
|
chore(snyk): 'SNYK-JS-DOTPROP-543489' caused by npm
- Remove outdated policies
|
2020-02-20 18:50:21 +00:00 |
curben
|
ac35598b04
|
ci(snyk): ignore https-proxy-agent
|
2019-10-17 04:52:09 +01:00 |
curben
|
214bf336aa
|
ci(snyk): remove https-proxy-agent
|
2019-10-17 04:45:58 +01:00 |
curben
|
fddc040c42
|
ci(snyk): update policy
|
2019-10-17 04:41:00 +01:00 |
curben
|
fbb01fe1fd
|
chore(synk): add SNYK-JS-HANDLEBARS-469063
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
|
2019-10-01 17:20:14 +01:00 |
curben
|
fefcaf342d
|
test(snyk): add mem, introduced by npm
|
2019-08-11 12:00:41 +09:30 |
curben
|
2b4a4b8ca5
|
test(snyk): add mem, introduced by renovate
|
2019-08-11 11:06:16 +09:30 |
curben
|
b1c71c1ff0
|
test: remove snyk policy
|
2019-08-08 19:09:05 +09:30 |
curben
|
875a9b501c
|
test(snyk): expires snapdragon temporarily
snapdragon package shouldn't be installed after switch to micromatch
|
2019-08-08 16:52:01 +09:30 |
curben
|
6260cce61c
|
test(snyk): add lodash and marked
|
2019-07-08 18:37:09 +09:30 |
curben
|
e4cf43dd85
|
test(snyk): mention affected deps
|
2019-06-22 14:22:45 +09:30 |
curben
|
94d57346a6
|
test(snyk): ignore set-value and mixin-deep
* https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
* https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
* Remove braces and marked
|
2019-06-21 13:39:29 +09:30 |
curben
|
a86ded70ab
|
chore: update snyk policy
https://snyk.io/vuln/SNYK-JS-MARKED-174116
|
2019-04-12 12:57:47 +09:30 |
curben
|
c6b89c5fa7
|
chore: update snyk policy
|
2019-04-05 11:38:40 +10:30 |
curben
|
3eee65de99
|
chore: update snyk policy
|
2019-03-08 20:56:46 +10:30 |
curben
|
28ff8fcb22
|
chore: update expiry of snyk ignore policy
Updated 'renovate' package has fixed vulnerabilities.
|
2018-12-31 21:26:28 +10:30 |
curben
|
efe8183b85
|
test: fix snyk unable to patch
snyk requires GNU's patch that support --backup argument,
the argument is not supported by alpine built-in busybox's patch
https://github.com/snyk/snyk/issues/108#issuecomment-412937627
https://github.com/snyk/snyk/issues/99#issuecomment-322202989
previous commit (faa286cb5f ) did not fix
|
2018-10-30 20:29:09 +10:30 |
curben
|
d44428f41a
|
test: hold back snyk patch due to failure
|
2018-10-28 20:53:06 +10:30 |
curben
|
faa286cb5f
|
test: fix snyk unable to patch
|
2018-10-28 19:03:30 +10:30 |
curben
|
6b71cb0ad6
|
test: update snyk policy to address renovate package
|
2018-10-28 18:02:45 +10:30 |
curben
|
bb89c070b1
|
Add ignore policy to snyk
|
2018-10-11 11:38:56 +10:30 |
curben
|
be05e66517
|
Update snyk policy
|
2018-09-30 18:01:45 +09:30 |
curben
|
e32264c365
|
Replace hexo-autonofollow with hexo-filter-nofollow
hexo-filter-nofollow has updated cheerio
https://snyk.io/test/npm/hexo-suka-autonofollow
|
2018-09-28 12:17:40 +09:30 |
curben
|
2e7d211a4f
|
Remove hexo-all-minifier snyk patches
Not applicable anymore
cc1b2fc204
|
2018-09-27 21:51:53 +09:30 |
curben
|
1b594c706e
|
Add snyk to CI
Use proper snyk flow https://snyk.io/docs/using-snyk/
|
2018-09-25 10:29:43 +09:30 |
curben
|
f500d2443d
|
fix: .snyk & package.json to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:tunnel-agent:20170305
|
2018-09-24 18:22:28 +09:30 |