diff --git a/.snyk b/.snyk index 6ae4657d..45183de2 100644 --- a/.snyk +++ b/.snyk @@ -1,5 +1,5 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.12.0 +version: v1.14.1 ignore: {} # patches apply the minimum changes required to fix a vulnerability patch: @@ -8,3 +8,18 @@ patch: patched: '2018-07-03T07:38:13.918Z' - socks5-http-client > npm > npm-audit-report > cli-table2 > lodash: patched: '2018-07-03T07:38:13.918Z' + SNYK-JS-LODASH-567746: + - lodash: + patched: '2020-05-01T08:29:10.573Z' + - request-on-steroids > lodash: + patched: '2020-05-01T08:29:10.573Z' + - request-on-steroids > random-http-useragent > lodash: + patched: '2020-05-01T08:29:10.573Z' + - request-on-steroids > perseverance > lodash: + patched: '2020-05-01T08:29:10.573Z' + - request-on-steroids > perseverance > random-http-useragent > lodash: + patched: '2020-05-01T08:29:10.573Z' + - request-on-steroids > socks5-http-client > socks5-client > ip-address > lodash: + patched: '2020-05-01T08:29:10.573Z' + - request-on-steroids > socks5-https-client > socks5-client > ip-address > lodash: + patched: '2020-05-01T08:29:10.573Z' diff --git a/package.json b/package.json index 6a809d23..f6128835 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,8 @@ "dependencies": { "bluebird": "3.7.2", "lodash": "4.17.15", - "request-on-steroids": "1.1.70" + "request-on-steroids": "1.1.70", + "snyk": "^1.316.1" }, "devDependencies": { "babel-cli": "6.26.0", @@ -41,7 +42,6 @@ "mocha": "7.1.2", "pre-git": "3.17.1", "semantic-release": "17.0.7", - "snyk": "1.316.1", "testdouble": "3.13.1" }, "config": { @@ -61,10 +61,11 @@ "semantic-release": "./node_modules/.bin/semantic-release", "clean": "rm -rf lib coverage", "lint": "npm run eslint", - "prepare": "npm run snyk:protect", + "prepare": "npm run snyk-protect && npm run snyk:protect", "test": "npm run clean && npm run lint && npm run istanbul", "compile": "npm run clean && npm run babel", "commit": "./node_modules/.bin/commit-wizard", - "prepublish": "npm run compile" + "prepublish": "npm run compile", + "snyk-protect": "snyk protect" } }