status-im
/
chat
mirror of https://github.com/status-im/chat.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: package.json & .snyk to reduce vulnerabilities 

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-6139239


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
This commit is contained in:
snyk-bot 2024-04-16 00:15:06 +00:00
parent 6947b6715e
commit 59d09359fa
No known key found for this signature in database
GPG Key ID: 78AC5AE55A47A65B
2 changed files with 30 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
.snyk Normal file
View File

@ -0,0 +1,18 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.25.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- murmur-client > libp2p-websocket-star > async > lodash:
patched: '2024-04-16T00:15:03.040Z'
id: SNYK-JS-LODASH-567746
path: murmur-client > libp2p-websocket-star > async > lodash
- status-js-api > web3 > web3-shh > web3-utils > lodash:
patched: '2024-04-16T00:15:03.040Z'
id: SNYK-JS-LODASH-567746
path: status-js-api > web3 > web3-shh > web3-utils > lodash
- status-js-api > web3 > web3-eth-personal > web3-core-helpers > lodash:
patched: '2024-04-16T00:15:03.040Z'
id: SNYK-JS-LODASH-567746
path: status-js-api > web3 > web3-eth-personal > web3-core-helpers > lodash

20
package.json
View File

@ -13,12 +13,12 @@
"@types/react-dom": "^16.0.11", "@types/react-dom": "^16.0.11",
"autoscroll-react": "^3.2.0", "autoscroll-react": "^3.2.0",
"emoji-mart": "^2.8.1", "emoji-mart": "^2.8.1",
"eth-keyring-controller": "^3.3.1", "eth-keyring-controller": "^9.0.0",
"formik": "^1.3.1", "formik": "^1.3.1",
"ipfs": "^0.33.1", "ipfs": "^0.66.1",
"lodash": "^4.17.11", "lodash": "^4.17.17",
"memoize-one": "^4.0.3", "memoize-one": "^4.0.3",
"murmur-client": "^0.3.4", "murmur-client": "^0.3.0",
"pull-file-reader": "^1.0.2", "pull-file-reader": "^1.0.2",
"react": "^16.7.0", "react": "^16.7.0",
"react-dom": "^16.7.0", "react-dom": "^16.7.0",
@ -26,21 +26,24 @@
"react-hot-loader": "^4.3.4", "react-hot-loader": "^4.3.4",
"react-jazzicon": "^0.1.3", "react-jazzicon": "^0.1.3",
"react-linkify": "^0.2.2", "react-linkify": "^0.2.2",
"react-scripts": "2.1.3", "react-scripts": "4.0.0",
"react-spinners": "^0.4.7", "react-spinners": "^0.4.7",
"react-spotify-player": "^1.0.4", "react-spotify-player": "^1.0.4",
"react-syntax-highlighter": "^10.0.1", "react-syntax-highlighter": "^10.0.1",
"react-youtube": "^7.8.0", "react-youtube": "^7.8.0",
"status-js-api": "^1.2.6", "status-js-api": "^1.2.6",
"typescript": "^3.2.4", "typescript": "^3.2.4",
"uuid": "^3.3.2" "uuid": "^3.3.2",
"@snyk/protect": "latest"
}, },
"scripts": { "scripts": {
"start": "react-scripts start", "start": "react-scripts start",
"build": "react-scripts build", "build": "react-scripts build",
"build-opt": "react-scripts --max_old_space_size=4096 build", "build-opt": "react-scripts --max_old_space_size=4096 build",
"test": "react-scripts test", "test": "react-scripts test",
"eject": "react-scripts eject" "eject": "react-scripts eject",
"prepare": "npm run snyk-protect",
"snyk-protect": "snyk-protect"
}, },
"eslintConfig": { "eslintConfig": {
"extends": "react-app" "extends": "react-app"
@ -50,5 +53,6 @@
"not dead", "not dead",
"not ie <= 11", "not ie <= 11",
"not op_mini all" "not op_mini all"
] ],
"snyk": true
} }