From d08fc9e2c152245bd4e0e9822ee8f7b481191666 Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Thu, 17 Sep 2020 07:30:48 +0300 Subject: [PATCH] [Snyk] Fix for 1 vulnerabilities (#11523) The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- .snyk | 28 ++++++++++++++++++++++++++++ package.json | 2 +- yarn.lock | 8 ++++---- 3 files changed, 33 insertions(+), 5 deletions(-) diff --git a/.snyk b/.snyk index f2ff29617a..6c6555a819 100644 --- a/.snyk +++ b/.snyk @@ -71,3 +71,31 @@ patch: patched: '2020-09-15T23:06:41.931Z' - node-sass > gaze > globule > lodash: patched: '2020-09-15T23:06:41.931Z' + - snyk > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > @snyk/snyk-cocoapods-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-cpp-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-go-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-gradle-plugin > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-docker-plugin > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-mvn-plugin > @snyk/java-call-graph-builder > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > @snyk/snyk-cocoapods-plugin > @snyk/cocoapods-lockfile-parser > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-php-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-gradle-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-mvn-plugin > @snyk/cli-interface > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' + - snyk > snyk-go-plugin > graphlib > lodash: + patched: '2020-09-16T23:06:38.881Z' diff --git a/package.json b/package.json index 9829356f8e..0ef96ad642 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "qz-tray": "^2.0.8", "redis": "^2.8.0", "showdown": "^1.9.1", - "snyk": "^1.398.0", + "snyk": "^1.398.1", "socket.io": "^2.3.0", "superagent": "^3.8.2", "touch": "^3.1.0", diff --git a/yarn.lock b/yarn.lock index f845904153..dd28ad1a95 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6507,10 +6507,10 @@ snyk-try-require@1.3.1, snyk-try-require@^1.1.1, snyk-try-require@^1.3.1: lru-cache "^4.0.0" then-fs "^2.0.0" -snyk@1.398.0, snyk@^1.398.0: - version "1.398.0" - resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.398.0.tgz#ae58884704d35fc494697bfa920fb70331ea5c41" - integrity sha512-o3xMTBo7cQSCO87+2smzuV7MXlUwf7tAdfYVZstjr/eKYnLGD4K/AOYkabHWauaTPdiK0LV61rLHYIy6+WybqA== +snyk@1.398.1, snyk@^1.398.1: + version "1.398.1" + resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.398.1.tgz#19aec8dfffa60e7412e6309117e96b2cfa960355" + integrity sha512-jH24ztdJY8DQlqkd1z8n/JutdOqHtTPccCynM2hfOedW20yAp9c108LFjXvqBEk/EH3YyNmWzyLkkHOySeDkwQ== dependencies: "@snyk/cli-interface" "2.9.2" "@snyk/dep-graph" "1.19.4"