Skip to content
This repository has been archived by the owner on Nov 20, 2022. It is now read-only.

Commit

Permalink
fix: package.json & .snyk to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:moment:20170905

Latest report for web-innovate/leave-tracking:
https://snyk.io/test/github/web-innovate/leave-tracking
  • Loading branch information
snyk-bot committed Dec 1, 2017
1 parent c72d540 commit 878ddb6
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 3 deletions.
8 changes: 8 additions & 0 deletions .snyk
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.8.0
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
'npm:moment:20170905':
- aurelia-chart > chart.js > moment:
patched: '2017-12-01T01:59:14.848Z'
10 changes: 7 additions & 3 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,13 @@
"scripts": {
"install": "cd ./frontend && yarn install && cd ../backend && yarn install",
"build": "cd ./frontend && au build --env prod && cd ../backend && gulp",
"lint": "cd ./backend && yarn lint"
"lint": "cd ./backend && yarn lint",
"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect"
},
"dependencies": {
"yarn": "^0.22.0"
}
"yarn": "^0.22.0",
"snyk": "^1.52.1"
},
"snyk": true
}

0 comments on commit 878ddb6

Please sign in to comment.