diff --git a/.snyk b/.snyk index 8fdeecc..381fa62 100644 --- a/.snyk +++ b/.snyk @@ -1,8 +1,31 @@ # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.7.1 +version: v1.13.5 ignore: {} # patches apply the minimum changes required to fix a vulnerability patch: 'npm:uglify-js:20151024': - jade > transformers > uglify-js: patched: '2017-06-14T09:12:58.067Z' + SNYK-JS-LODASH-450202: + - snyk > snyk-nodejs-lockfile-parser > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > snyk-nuget-plugin > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > @snyk/dep-graph > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > inquirer > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > snyk-config > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > snyk-mvn-plugin > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > snyk-go-plugin > graphlib > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > snyk-php-plugin > @snyk/composer-lockfile-parser > lodash: + patched: '2019-07-06T01:42:15.776Z' + - snyk > @snyk/dep-graph > graphlib > lodash: + patched: '2019-07-06T01:42:15.776Z' diff --git a/package.json b/package.json index 4cff652..69866db 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "morgan": "~1.9.0", "serve-favicon": "~2.4.3", "stylus": "~0.54.3", - "snyk": "^1.34.3" + "snyk": "^1.192.3" }, "devDependencies": { "debug": "~2.6.9",