Merge pull request #34 from Woodpile37/snyk-fix-555b49ef229f8536a87db…

…423bb604c82 [Snyk] Fix for 1 vulnerabilities
Woodpile37 · Oct 6, 2023 · 6f27f7a · 6f27f7a
2 parents 7e850f7 + e9ae0a1
commit 6f27f7a
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 5 deletions.
diff --git a/examples/with-relay-modern/.snyk b/examples/with-relay-modern/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - graphql-cli > graphql-cli-prepare > lodash:
+        patched: '2023-03-22T16:42:31.197Z'
diff --git a/examples/with-relay-modern/package.json b/examples/with-relay-modern/package.json
@@ -5,18 +5,22 @@
     "build": "next build",
     "start": "next start",
     "relay": "relay-compiler --src ./ --exclude '**/.next/**' '**/node_modules/**' '**/test/**'  '**/__generated__/**' --exclude '**/schema/**' --schema ./schema/schema.graphql",
-    "schema": "graphql get-schema -e dev"
+    "schema": "graphql get-schema -e dev",
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "dependencies": {
     "graphql": "^14.6.0",
     "next": "latest",
-    "react": "^18.2.0",
-    "react-dom": "^18.2.0",
-    "react-relay": "^9.0.0"
+    "react": "^17.0.2",
+    "react-dom": "^17.0.2",
+    "react-relay": "^9.0.0",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "babel-plugin-relay": "^9.0.0",
     "graphql-cli": "^3.0.14",
     "relay-compiler": "^9.0.0"
-  }
+  },
+  "snyk": true
 }