fix: .snyk & package.json to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202
notadd · Jul 5, 2019 · af714d6 · af714d6
1 parent b4026a0
commit af714d6
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 2 deletions.
diff --git a/.snyk b/.snyk
@@ -1,8 +1,31 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.13.3
+version: v1.13.5
 ignore: {}
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   SNYK-JS-AXIOS-174505:
     - '@nestjs/common > axios':
         patched: '2019-05-06T07:04:01.452Z'
+  SNYK-JS-LODASH-450202:
+    - snyk > snyk-nuget-plugin > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > snyk-php-plugin > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > @snyk/dep-graph > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > inquirer > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > snyk-config > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > snyk-mvn-plugin > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > snyk-nodejs-lockfile-parser > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > snyk-go-plugin > graphlib > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > snyk-nodejs-lockfile-parser > graphlib > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
+    - snyk > @snyk/dep-graph > graphlib > lodash:
+        patched: '2019-07-05T06:58:39.477Z'
diff --git a/package.json b/package.json
@@ -31,7 +31,7 @@
     "rxjs": "6.5.2",
     "typeorm": "0.2.17",
     "typescript": "3.4.5",
-    "snyk": "1.165.1"
+    "snyk": "^1.192.0"
   },
   "devDependencies": {
     "@types/bcryptjs": "2.4.2",