mirror of https://github.com/status-im/chat.git
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
This commit is contained in:
parent
6947b6715e
commit
feef420169
|
@ -0,0 +1,10 @@
|
|||
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
|
||||
version: v1.25.1
|
||||
ignore: {}
|
||||
# patches apply the minimum changes required to fix a vulnerability
|
||||
patch:
|
||||
SNYK-JS-LODASH-567746:
|
||||
- murmur-client > libp2p-websocket-star > async > lodash:
|
||||
patched: '2024-01-03T18:33:26.534Z'
|
||||
id: SNYK-JS-LODASH-567746
|
||||
path: murmur-client > libp2p-websocket-star > async > lodash
|
File diff suppressed because it is too large
Load Diff
12
package.json
12
package.json
|
@ -26,21 +26,24 @@
|
|||
"react-hot-loader": "^4.3.4",
|
||||
"react-jazzicon": "^0.1.3",
|
||||
"react-linkify": "^0.2.2",
|
||||
"react-scripts": "2.1.3",
|
||||
"react-scripts": "4.0.0",
|
||||
"react-spinners": "^0.4.7",
|
||||
"react-spotify-player": "^1.0.4",
|
||||
"react-syntax-highlighter": "^10.0.1",
|
||||
"react-youtube": "^7.8.0",
|
||||
"status-js-api": "^1.2.6",
|
||||
"typescript": "^3.2.4",
|
||||
"uuid": "^3.3.2"
|
||||
"uuid": "^3.3.2",
|
||||
"@snyk/protect": "latest"
|
||||
},
|
||||
"scripts": {
|
||||
"start": "react-scripts start",
|
||||
"build": "react-scripts build",
|
||||
"build-opt": "react-scripts --max_old_space_size=4096 build",
|
||||
"test": "react-scripts test",
|
||||
"eject": "react-scripts eject"
|
||||
"eject": "react-scripts eject",
|
||||
"prepare": "npm run snyk-protect",
|
||||
"snyk-protect": "snyk-protect"
|
||||
},
|
||||
"eslintConfig": {
|
||||
"extends": "react-app"
|
||||
|
@ -50,5 +53,6 @@
|
|||
"not dead",
|
||||
"not ie <= 11",
|
||||
"not op_mini all"
|
||||
]
|
||||
],
|
||||
"snyk": true
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue