Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #142

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
180 changes: 180 additions & 0 deletions e2e-tests/production-runtime/.snyk
Original file line number Diff line number Diff line change
@@ -0,0 +1,180 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- cypress > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby-plugin-offline > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > css-loader > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > devcert > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint-plugin-flowtype > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint-plugin-graphql > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-telemetry > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-plugin-page-creator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > webpack-merge > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby-plugin-offline > cheerio > lodash:
patched: '2020-05-01T08:46:39.118Z'
- cypress > getos > async > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @typescript-eslint/parser > @typescript-eslint/typescript-estree > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-eslint > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint > inquirer > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint > table > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint-plugin-graphql > graphql-config > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-telemetry > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-plugin-page-creator > gatsby-page-utils > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > optimize-css-assets-webpack-plugin > last-call-webpack-plugin > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > react-dev-utils > inquirer > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > webpack-dev-server > http-proxy-middleware > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @typescript-eslint/parser > @typescript-eslint/experimental-utils > @typescript-eslint/typescript-estree > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-eslint > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @pmmmwh/react-refresh-webpack-plugin > react-dev-utils > inquirer > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > yurnalist > inquirer > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > eslint-plugin-graphql > graphql-config > graphql-import > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > gatsby-telemetry > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > webpack-dev-server > portfinder > async > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-eslint > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/generator > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > import-jsx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > babel-preset-gatsby > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
- gatsby > gatsby-cli > gatsby-recipes > @mdx-js/runtime > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2020-05-01T08:46:39.118Z'
10 changes: 7 additions & 3 deletions e2e-tests/production-runtime/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,8 @@
"gatsby-plugin-react-helmet": "latest",
"react": "^16.5.2",
"react-dom": "^16.5.2",
"react-helmet": "^5.2.0"
"react-helmet": "^5.2.0",
"snyk": "^1.316.1"
},
"keywords": [
"gatsby"
Expand All @@ -26,7 +27,9 @@
"start-server-and-test": "start-server-and-test serve http://localhost:9000 cy:run",
"serve": "gatsby serve",
"cy:open": "cypress open",
"cy:run": "cypress run --browser chrome"
"cy:run": "cypress run --browser chrome",
"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect"
},
"devDependencies": {
"prettier": "^1.14.3",
Expand All @@ -35,5 +38,6 @@
"repository": {
"type": "git",
"url": "https://github.com/gatsbyjs/gatsby-starter-default"
}
},
"snyk": true
}