fix: packages/lib/package.json & packages/lib/.snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
2026-02-08 00:36:26 +01:00 · 2020-05-01 00:47:44 +02:00 · 2020-05-01 00:47:43 +02:00
4 changed files with 27 additions and 78 deletions
--- a/packages/demo/.snyk
+++ b/packages/demo/.snyk
@@ -1,68 +0,0 @@
-# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.14.1
-ignore: {}
-# patches apply the minimum changes required to fix a vulnerability
-patch:
-  SNYK-JS-LODASH-567746:
-    - expo > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > @unimodules/react-native-adapter > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > expo-av > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > expo-barcode-scanner > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > expo-camera > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > expo-mail-composer > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > expo-sqlite > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > react-google-maps > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - react-native-debug-console > styled-components > @babel/traverse > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/core > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - react-native-debug-console > styled-components > babel-plugin-styled-components > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - react-native-debug-console > styled-components > @babel/traverse > @babel/generator > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-block-scoping > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - react-native-debug-console > styled-components > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - react-native-debug-console > styled-components > babel-plugin-styled-components > @babel/helper-annotate-as-pure > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > react-transform-hmr > react-proxy > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-unicode-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > metro-babel7-plugin-react-transform > @babel/helper-module-imports > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - react-native-debug-console > styled-components > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/preset-modules > @babel/plugin-transform-dotall-regex > @babel/helper-create-regexp-features-plugin > @babel/helper-regex > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/generator > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
-    - expo > babel-preset-expo > metro-react-native-babel-preset > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
-        patched: '2020-04-30T21:12:44.362Z'
--- a/packages/demo/package.json
+++ b/packages/demo/package.json
@@ -8,9 +8,7 @@
    "ios": "expo start --ios",
    "web": "expo start --web",
    "eject": "expo eject",
-    "postinstall": "expo-yarn-workspaces postinstall",
-    "snyk-protect": "snyk protect",
-    "prepublish": "npm run snyk-protect"
+    "postinstall": "expo-yarn-workspaces postinstall"
  },
  "dependencies": {
    "expo": "^33.0.0",
@@ -18,8 +16,7 @@
    "react-dom": "^16.8.6",
    "react-native": "https://github.com/expo/react-native/archive/sdk-33.0.0.tar.gz",
    "react-native-debug-console": "^2.0.0-alpha.7",
-    "react-native-web": "0.11.4",
-    "snyk": "^1.316.1"
+    "react-native-web": "0.11.4"
  },
  "devDependencies": {
    "@babel/runtime": "^7.5.0",
@@ -29,6 +26,5 @@
    "expo-yarn-workspaces": "^1.2.0",
    "react-art": "^16.8.6"
  },
-  "private": true,
-  "snyk": true
+  "private": true
 }
--- a/packages/lib/.snyk
+++ b/packages/lib/.snyk
@@ -0,0 +1,18 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - styled-components > @babel/traverse > lodash:
+        patched: '2020-04-30T22:47:36.693Z'
+    - styled-components > babel-plugin-styled-components > lodash:
+        patched: '2020-04-30T22:47:36.693Z'
+    - styled-components > @babel/traverse > @babel/generator > lodash:
+        patched: '2020-04-30T22:47:36.693Z'
+    - styled-components > babel-plugin-styled-components > @babel/helper-annotate-as-pure > @babel/types > lodash:
+        patched: '2020-04-30T22:47:36.693Z'
+    - styled-components > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash:
+        patched: '2020-04-30T22:47:36.693Z'
+    - styled-components > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
+        patched: '2020-04-30T22:47:36.693Z'
--- a/packages/lib/package.json
+++ b/packages/lib/package.json
@@ -9,17 +9,20 @@
  "scripts": {
    "test": "jest",
    "bundle": "babel --copy-files --extensions '.ts,.tsx,.js' -d lib src",
-    "prepublish": "yarn run bundle"
+    "prepublish": "npm run snyk-protect && yarn run bundle",
+    "snyk-protect": "snyk protect"
  },
  "license": "MIT",
  "dependencies": {
    "react-native-json-tree": "^1.2.0",
-    "styled-components": "^5.0.0-beta.8"
+    "styled-components": "^5.0.0-beta.8",
+    "snyk": "^1.316.1"
  },
  "peerDependencies": {
    "prop-types": "^15.6.0",
    "react": "^16.8.3",
    "react-native": "^0.59.8",
    "react-native-webview": "^6.9.0"
-  }
+  },
+  "snyk": true
 }
Author	SHA1	Message	Date
snyk-bot	ec232824ff	fix: packages/lib/package.json & packages/lib/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746	2020-05-01 00:47:44 +02:00
snyk-bot	5903f18a2a	fix: packages/lib/package.json & packages/lib/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746	2020-05-01 00:47:43 +02:00