From f03f8a255726c3e1db79b9f3ec992e0eff1e1ed9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 26 Jun 2020 22:58:15 +0000 Subject: [PATCH] fix: e2e-tests/path-prefix/package.json & e2e-tests/path-prefix/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- e2e-tests/path-prefix/.snyk | 8 ++++++++ e2e-tests/path-prefix/package.json | 10 +++++++--- 2 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 e2e-tests/path-prefix/.snyk diff --git a/e2e-tests/path-prefix/.snyk b/e2e-tests/path-prefix/.snyk new file mode 100644 index 0000000000000..fd778f2cfd07d --- /dev/null +++ b/e2e-tests/path-prefix/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.16.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - gatsby > gatsby-cli > gatsby-recipes > graphql-tools > @graphql-tools/resolvers-composition > lodash: + patched: '2020-06-26T22:58:13.763Z' diff --git a/e2e-tests/path-prefix/package.json b/e2e-tests/path-prefix/package.json index 87eb1dc517e2f..17e4406caec7a 100644 --- a/e2e-tests/path-prefix/package.json +++ b/e2e-tests/path-prefix/package.json @@ -11,7 +11,8 @@ "gatsby-plugin-react-helmet": "latest", "react": "^16.5.2", "react-dom": "^16.5.2", - "react-helmet": "^5.2.0" + "react-helmet": "^5.2.0", + "snyk": "^1.349.0" }, "keywords": [ "gatsby" @@ -25,7 +26,9 @@ "start-server-and-test": "start-server-and-test serve http://localhost:9000/blog cy:run", "serve": "gatsby serve --prefix-paths", "cy:open": "cypress open", - "cy:run": "cypress run --browser chrome" + "cy:run": "cypress run --browser chrome", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "devDependencies": { "prettier": "^1.14.3", @@ -34,5 +37,6 @@ "repository": { "type": "git", "url": "https://github.com/gatsbyjs/gatsby-starter-default" - } + }, + "snyk": true }