From c82a9d7539da73819e0c2f77cdf2ec4a3a4dba23 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 22 Aug 2023 18:39:17 +0000 Subject: [PATCH] fix: docs/package.json, docs/package-lock.json & docs/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- docs/.snyk | 36 ++++++++++++++++++++++++++++++++++++ docs/package-lock.json | 5 +++++ docs/package.json | 10 +++++++--- 3 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 docs/.snyk diff --git a/docs/.snyk b/docs/.snyk new file mode 100644 index 000000000000..d21988540191 --- /dev/null +++ b/docs/.snyk @@ -0,0 +1,36 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > @babel/core > @babel/helper-module-transforms > lodash: + patched: '2023-08-22T18:38:44.628Z' + id: SNYK-JS-LODASH-567746 + path: >- + gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > @babel/core > + @babel/helper-module-transforms > lodash + - gatsby-theme-docz > gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > @babel/core > lodash: + patched: '2023-08-22T18:38:44.628Z' + id: SNYK-JS-LODASH-567746 + path: >- + gatsby-theme-docz > gatsby > gatsby-cli > gatsby-recipes > + remark-mdxjs > @babel/core > lodash + - docz > gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > @babel/core > lodash: + patched: '2023-08-22T18:38:44.628Z' + id: SNYK-JS-LODASH-567746 + path: >- + docz > gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > + @babel/core > lodash + - gatsby-theme-docz > gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > @babel/core > @babel/helper-module-transforms > lodash: + patched: '2023-08-22T18:38:44.628Z' + id: SNYK-JS-LODASH-567746 + path: >- + gatsby-theme-docz > gatsby > gatsby-cli > gatsby-recipes > + remark-mdxjs > @babel/core > @babel/helper-module-transforms > lodash + - docz > gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > @babel/core > @babel/helper-module-transforms > lodash: + patched: '2023-08-22T18:38:44.628Z' + id: SNYK-JS-LODASH-567746 + path: >- + docz > gatsby > gatsby-cli > gatsby-recipes > remark-mdxjs > + @babel/core > @babel/helper-module-transforms > lodash diff --git a/docs/package-lock.json b/docs/package-lock.json index ffec1e0ca4f0..06898e3e1377 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -2255,6 +2255,11 @@ } } }, + "@snyk/protect": { + "version": "1.1205.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1205.0.tgz", + "integrity": "sha512-y0dpE+RKbaAcl/QnIcczoROfBs+HZwOSV4DAnLe+mlzUyfojMv4DXxkjdzIEsO+Q0llI8VnAM/cO77kGFaIt/A==" + }, "@styled-system/background": { "version": "5.1.2", "resolved": "https://registry.npmjs.org/@styled-system/background/-/background-5.1.2.tgz", diff --git a/docs/package.json b/docs/package.json index 08e2b792f3e2..2aad21e77582 100644 --- a/docs/package.json +++ b/docs/package.json @@ -36,7 +36,8 @@ "react-helmet": "^6.1.0", "swagger-ui-react": "^3.35.0", "theme-ui": "^0.3.1", - "three": "^0.68.0" + "three": "^0.68.0", + "@snyk/protect": "latest" }, "devDependencies": { "eslint-config-airbnb": "^18.2.0", @@ -57,7 +58,9 @@ "clean": "gatsby clean", "lint": "eslint src/ --ext .ts,.js,.tsx,.jsx", "lint-fix": "eslint --fix src/ --ext .ts,.js,.tsx,.jsx", - "test": "echo \"Write tests! -> https://gatsby.dev/unit-testing\" && exit 1" + "test": "echo \"Write tests! -> https://gatsby.dev/unit-testing\" && exit 1", + "prepare": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "repository": { "type": "git", @@ -71,5 +74,6 @@ }, "bugs": { "url": "https://github.com/gatsbyjs/gatsby/issues" - } + }, + "snyk": true }