From 70b9f8d785f6a1194bc4982154e5c78c16af2a6c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 22 Mar 2023 16:42:33 +0000 Subject: [PATCH] fix: examples/with-relay-modern/package.json & examples/with-relay-modern/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- examples/with-relay-modern/.snyk | 8 ++++++++ examples/with-relay-modern/package.json | 10 +++++++--- 2 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 examples/with-relay-modern/.snyk diff --git a/examples/with-relay-modern/.snyk b/examples/with-relay-modern/.snyk new file mode 100644 index 0000000000000..8e9a2b3d4b74a --- /dev/null +++ b/examples/with-relay-modern/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - graphql-cli > graphql-cli-prepare > lodash: + patched: '2023-03-22T16:42:31.197Z' diff --git a/examples/with-relay-modern/package.json b/examples/with-relay-modern/package.json index 4f3232f9014a4..1dcf7d59d7c90 100644 --- a/examples/with-relay-modern/package.json +++ b/examples/with-relay-modern/package.json @@ -5,18 +5,22 @@ "build": "next build", "start": "next start", "relay": "relay-compiler --src ./ --exclude '**/.next/**' '**/node_modules/**' '**/test/**' '**/__generated__/**' --exclude '**/schema/**' --schema ./schema/schema.graphql", - "schema": "graphql get-schema -e dev" + "schema": "graphql get-schema -e dev", + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "dependencies": { "graphql": "^14.6.0", "next": "latest", "react": "^17.0.2", "react-dom": "^17.0.2", - "react-relay": "^9.0.0" + "react-relay": "^9.0.0", + "@snyk/protect": "latest" }, "devDependencies": { "babel-plugin-relay": "^9.0.0", "graphql-cli": "^3.0.14", "relay-compiler": "^9.0.0" - } + }, + "snyk": true }