curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity
1,255 Commits 3 Branches 0 Tags 37 MiB
Commit Graph

43 Commits

Author SHA1 Message Date
Ming Di Leom c98a260465
chore(snyk): update ignore list 2024-01-28 09:42:50 +00:00
Ming Di Leom 5501603b20
chore(snyk): update ignore list 2023-10-02 00:37:25 +00:00
Ming Di Leom 4ff2a0ae22
chore(snyk): ignore SNYK-JS-WORDWRAP-3149973 
- patch unavailable
- https://security.snyk.io/vuln/SNYK-JS-WORDWRAP-3149973
 2023-05-06 05:49:38 +00:00
Ming Di Leom 8770ab3af3
chore(snyk): ignore SNYK-JS-HTMLMINIFIER-3091181 
- patch unavailable
- also remove old policy
 2023-02-21 07:02:31 +00:00
Ming Di Leom 29d1d6ea08
chore(snyk): remove SNYK-JS-TRIM-1017038 
- caused by renovate
 2021-04-04 18:07:22 +00:00
Ming Di Leom 95ccd75107
chore(snyk): SNYK-JS-HOSTEDGITINFO-1088355 & SNYK-JS-TRIM-1017038 2021-04-02 02:09:54 +00:00
Ming Di Leom 3a50c20ef1
chore(snyk): add 'SNYK-JS-GLOBPARENT-1016905' 
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
 2021-02-16 01:01:23 +00:00
Ming Di Leom 174eb49acb
chore(snyk): remove expired 'SNYK-JS-YARGSPARSER-560381' & 'SNYK-JS-TRIM-1017038' 2021-02-16 00:59:30 +00:00
MDLeom 4d98701970
chore(snyk): add SNYK-JS-TRIM-1017038 
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038
 2020-11-12 06:58:09 +00:00
MDLeom a608a4f076
chore(snyk): extend SNYK-JS-YARGSPARSER-560381 2020-10-21 06:14:54 +00:00
MDLeom ed71f8bbed
chore(snyk): ignore 'SNYK-JS-YARGSPARSER-560381' 
Remove past vulnerabilities
 2020-07-21 08:39:05 +01:00
MDLeom 0f45693943
chore(snyk): patch lodash 2020-06-23 05:29:13 +01:00
MDLeom 09871aa8fe
chore(snyk): patch '@snyk/ruby-semver' 2020-05-15 09:14:44 +01:00
MDLeom 696bfbab40
chore(snyk): add 'SNYK-JS-MARKDOWN-560793' and 'SNYK-JS-LODASH-567746' 2020-05-05 07:02:15 +01:00
MDLeom f09ef1d5bd
chore(snyk): patch lodash 
https://snyk.io/vuln/SNYK-JS-LODASH-567746
 2020-05-04 11:29:53 +01:00
MDLeom eeb2570405
chore(snyk): ignore DOTPROP & YARGSPARSER 2020-03-28 06:08:12 +00:00
MDLeom 7814bc16fc
chore(snyk): ignore SNYK-JS-MINIMIST-559764 2020-03-14 05:13:13 +00:00
MDLeom de4e8927a8
chore(snyk): 'SNYK-JS-DOTPROP-543489' caused by npm 
- Remove outdated policies
 2020-02-20 18:50:21 +00:00
curben ac35598b04
ci(snyk): ignore https-proxy-agent 2019-10-17 04:52:09 +01:00
curben 214bf336aa
ci(snyk): remove https-proxy-agent 2019-10-17 04:45:58 +01:00
curben fddc040c42
ci(snyk): update policy 2019-10-17 04:41:00 +01:00
curben fbb01fe1fd
chore(synk): add SNYK-JS-HANDLEBARS-469063 
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
 2019-10-01 17:20:14 +01:00
curben fefcaf342d
test(snyk): add mem, introduced by npm 2019-08-11 12:00:41 +09:30
curben 2b4a4b8ca5
test(snyk): add mem, introduced by renovate 2019-08-11 11:06:16 +09:30
curben b1c71c1ff0
test: remove snyk policy 2019-08-08 19:09:05 +09:30
curben 875a9b501c
test(snyk): expires snapdragon temporarily 
snapdragon package shouldn't be installed after switch to micromatch
 2019-08-08 16:52:01 +09:30
curben 6260cce61c test(snyk): add lodash and marked 2019-07-08 18:37:09 +09:30
curben e4cf43dd85 test(snyk): mention affected deps 2019-06-22 14:22:45 +09:30
curben 94d57346a6 test(snyk): ignore set-value and mixin-deep 
* https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
* https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
* Remove braces and marked
 2019-06-21 13:39:29 +09:30
curben a86ded70ab chore: update snyk policy 
https://snyk.io/vuln/SNYK-JS-MARKED-174116
 2019-04-12 12:57:47 +09:30
curben c6b89c5fa7 chore: update snyk policy 2019-04-05 11:38:40 +10:30
curben 3eee65de99 chore: update snyk policy 2019-03-08 20:56:46 +10:30
curben 28ff8fcb22 chore: update expiry of snyk ignore policy 
Updated 'renovate' package has fixed vulnerabilities.
 2018-12-31 21:26:28 +10:30
curben efe8183b85 test: fix snyk unable to patch 
snyk requires GNU's patch that support --backup argument,
the argument is not supported by alpine built-in busybox's patch

https://github.com/snyk/snyk/issues/108#issuecomment-412937627
https://github.com/snyk/snyk/issues/99#issuecomment-322202989

previous commit (faa286cb5f) did not fix
 2018-10-30 20:29:09 +10:30
curben d44428f41a test: hold back snyk patch due to failure 2018-10-28 20:53:06 +10:30
curben faa286cb5f test: fix snyk unable to patch 2018-10-28 19:03:30 +10:30
curben 6b71cb0ad6 test: update snyk policy to address renovate package 2018-10-28 18:02:45 +10:30
curben bb89c070b1 Add ignore policy to snyk 2018-10-11 11:38:56 +10:30
curben be05e66517 Update snyk policy 2018-09-30 18:01:45 +09:30
curben e32264c365 Replace hexo-autonofollow with hexo-filter-nofollow 
hexo-filter-nofollow has updated cheerio
https://snyk.io/test/npm/hexo-suka-autonofollow
 2018-09-28 12:17:40 +09:30
curben 2e7d211a4f Remove hexo-all-minifier snyk patches 
Not applicable anymore
cc1b2fc204
 2018-09-27 21:51:53 +09:30
curben 1b594c706e Add snyk to CI 
Use proper snyk flow https://snyk.io/docs/using-snyk/
 2018-09-25 10:29:43 +09:30
curben f500d2443d fix: .snyk & package.json to reduce vulnerabilities 
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:tunnel-agent:20170305
 2018-09-24 18:22:28 +09:30