diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..2244d98 --- /dev/null +++ b/.snyk @@ -0,0 +1,16 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - archiver > lodash: + patched: '2022-10-05T17:02:09.595Z' + - archiver > archiver-utils > lodash: + patched: '2022-10-05T17:02:09.595Z' + - archiver > async > lodash: + patched: '2022-10-05T17:02:09.595Z' + - archiver > zip-stream > lodash: + patched: '2022-10-05T17:02:09.595Z' + - archiver > zip-stream > archiver-utils > lodash: + patched: '2022-10-05T17:02:09.595Z' diff --git a/package-lock.json b/package-lock.json index f28afd6..93976c8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "@eyedea-sockets/zip", - "version": "0.0.2", + "version": "0.0.4", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -761,6 +761,11 @@ "samsam": "1.3.0" } }, + "@snyk/protect": { + "version": "1.1022.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1022.0.tgz", + "integrity": "sha512-ASix6hXE9b3lgWovJjpxkx6W57pyqsB67ISxQIomLUd+XHeDodnhM3nsHJwQj8hVRWZwoHoYmnZKy9DgUg0q8w==" + }, "@syncano/core": { "version": "0.13.0-alpha.4d352111", "resolved": "https://registry.npmjs.org/@syncano/core/-/core-0.13.0-alpha.4d352111.tgz", @@ -881,6 +886,7 @@ "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz", "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=", "dev": true, + "optional": true, "requires": { "kind-of": "^3.0.2", "longest": "^1.0.1", @@ -892,6 +898,7 @@ "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", "dev": true, + "optional": true, "requires": { "is-buffer": "^1.1.5" } @@ -2842,7 +2849,8 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -2863,12 +2871,14 @@ "balanced-match": { "version": "1.0.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, "dev": true, + "optional": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -2883,17 +2893,20 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "concat-map": { "version": "0.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "core-util-is": { "version": "1.0.2", @@ -3010,7 +3023,8 @@ "inherits": { "version": "2.0.3", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "ini": { "version": "1.3.5", @@ -3022,6 +3036,7 @@ "version": "1.0.0", "bundled": true, "dev": true, + "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -3036,6 +3051,7 @@ "version": "3.0.4", "bundled": true, "dev": true, + "optional": true, "requires": { "brace-expansion": "^1.1.7" } @@ -3043,12 +3059,14 @@ "minimist": { "version": "0.0.8", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "minipass": { "version": "2.2.4", "bundled": true, "dev": true, + "optional": true, "requires": { "safe-buffer": "^5.1.1", "yallist": "^3.0.0" @@ -3067,6 +3085,7 @@ "version": "0.5.1", "bundled": true, "dev": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -3147,7 +3166,8 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "object-assign": { "version": "4.1.1", @@ -3159,6 +3179,7 @@ "version": "1.4.0", "bundled": true, "dev": true, + "optional": true, "requires": { "wrappy": "1" } @@ -3244,7 +3265,8 @@ "safe-buffer": { "version": "5.1.1", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -3280,6 +3302,7 @@ "version": "1.0.2", "bundled": true, "dev": true, + "optional": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -3299,6 +3322,7 @@ "version": "3.0.1", "bundled": true, "dev": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -3342,12 +3366,14 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true }, "yallist": { "version": "3.0.2", "bundled": true, - "dev": true + "dev": true, + "optional": true } } }, @@ -3866,7 +3892,8 @@ "version": "2.1.1", "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=", - "dev": true + "dev": true, + "optional": true }, "is-finite": { "version": "1.0.2", @@ -5225,7 +5252,8 @@ "version": "1.0.1", "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz", "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=", - "dev": true + "dev": true, + "optional": true }, "loose-envify": { "version": "1.4.0", diff --git a/package.json b/package.json index a2cafc6..b9787ad 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,8 @@ "dependencies": { "@eyedea/syncano": "0.2.0", "archiver": "^2.0.3", - "unzip": "^0.1.11" + "unzip": "^0.1.11", + "@snyk/protect": "latest" }, "scripts": { "build": "npm run build:src && npm run build:env", @@ -32,7 +33,9 @@ "test:unit": "NODE_ENV=test jest unit/.*\\.test\\.js", "test:e2e": "NODE_ENV=test jest e2e/.*\\.test\\.js", "test:audit": "npm audit", - "test:lint": "tslint --fix -c tslint.json ./src/**/*.ts" + "test:lint": "tslint --fix -c tslint.json ./src/**/*.ts", + "prepare": "npm run snyk-protect", + "snyk-protect": "snyk-protect" }, "devDependencies": { "@babel/cli": "^7.0.0-beta.55", @@ -98,5 +101,6 @@ } ] ] - } + }, + "snyk": true }