From 1f38cf9406c19cb868ea625f35c065f776160e4b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 9 Sep 2016 02:19:32 +0000 Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities --- .snyk | 12 ++++++++++-- package.json | 13 ++++++++----- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/.snyk b/.snyk index 03699e69..591aeb34 100644 --- a/.snyk +++ b/.snyk @@ -1,4 +1,12 @@ failThreshold: high -version: v1.5.2 +version: v1.5.0 ignore: {} -patch: {} \ No newline at end of file +patch: + 'npm:negotiator:20160616': + - socket.io > engine.io > accepts > negotiator: + patched: '2016-09-09T02:19:31.082Z' + 'npm:ws:20160624': + - socket.io > engine.io > ws: + patched: '2016-09-09T02:19:31.082Z' + - socket.io > socket.io-client > engine.io-client > ws: + patched: '2016-09-09T02:19:31.082Z' diff --git a/package.json b/package.json index 092a8e33..eb5c82dc 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,9 @@ "scripts": { "start": "node server", "dev": "gulp", - "test": "snyk test && istanbul cover ./node_modules/mocha/bin/_mocha --report lcovonly -- -R spec ./tests/index.js && cat ./coverage/lcov.info | ./node_modules/.bin/codacy-coverage && rm -rf ./coverage" + "test": "snyk test && istanbul cover ./node_modules/mocha/bin/_mocha --report lcovonly -- -R spec ./tests/index.js && cat ./coverage/lcov.info | ./node_modules/.bin/codacy-coverage && rm -rf ./coverage", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "repository": { "type": "git", @@ -80,7 +82,8 @@ "sticky-js": "^1.0.7", "validator": "^5.6.0", "validator-as-promised": "^1.0.2", - "winston": "^2.2.0" + "winston": "^2.2.0", + "snyk": "^1.19.1" }, "devDependencies": { "ace-builds": "^1.2.5", @@ -109,9 +112,9 @@ "mocha": "^3.0.2", "mocha-lcov-reporter": "^1.2.0", "nodemon": "^1.10.2", - "snyk": "^1.19.1", "sticky-js": "^1.0.5", "twemoji-awesome": "^1.0.4", "vue": "^1.0.26" - } -} + }, + "snyk": true +} \ No newline at end of file