From 48ea031cf2ab1b69b0a384663ecff3c8f9c76c7d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Apr 2020 23:12:48 +0200 Subject: [PATCH] fix: packages/demo/package.json & packages/demo/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- packages/demo/.snyk | 68 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 packages/demo/.snyk diff --git a/packages/demo/.snyk b/packages/demo/.snyk new file mode 100644 index 0000000..fdb10e8 --- /dev/null +++ b/packages/demo/.snyk @@ -0,0 +1,68 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - expo > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > @unimodules/react-native-adapter > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > expo-av > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > expo-barcode-scanner > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > expo-camera > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > expo-mail-composer > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > expo-sqlite > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > react-google-maps > lodash: + patched: '2020-04-30T21:12:44.362Z' + - react-native-debug-console > styled-components > @babel/traverse > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/core > lodash: + patched: '2020-04-30T21:12:44.362Z' + - react-native-debug-console > styled-components > babel-plugin-styled-components > lodash: + patched: '2020-04-30T21:12:44.362Z' + - react-native-debug-console > styled-components > @babel/traverse > @babel/generator > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-block-scoping > lodash: + patched: '2020-04-30T21:12:44.362Z' + - react-native-debug-console > styled-components > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash: + patched: '2020-04-30T21:12:44.362Z' + - react-native-debug-console > styled-components > babel-plugin-styled-components > @babel/helper-annotate-as-pure > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-classes > @babel/helper-define-map > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > react-transform-hmr > react-proxy > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > metro-babel7-plugin-react-transform > @babel/helper-module-imports > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - react-native-debug-console > styled-components > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z' + - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash: + patched: '2020-04-30T21:12:44.362Z'