diff --git a/frontend/.snyk b/frontend/.snyk new file mode 100644 index 0000000..7a5039b --- /dev/null +++ b/frontend/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.19.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - '@vue/cli-plugin-e2e-cypress > cypress > lodash': + patched: '2021-06-17T05:58:45.179Z' diff --git a/frontend/package.json b/frontend/package.json index 881271e..7f48a64 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -7,7 +7,9 @@ "build": "vue-cli-service build", "lint": "vue-cli-service lint", "test:e2e": "vue-cli-service test:e2e", - "test:unit": "vue-cli-service test:unit" + "test:unit": "vue-cli-service test:unit", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "dependencies": { "@fortawesome/fontawesome-svg-core": "^1.2.25", @@ -25,23 +27,24 @@ "vue-jsoneditor": "^1.0.13", "vue-router": "^3.0.3", "vue-socket.io": "^3.0.7", - "vuex": "^3.0.1" + "vuex": "^3.0.1", + "snyk": "^1.634.0" }, "devDependencies": { "@vue/cli-plugin-babel": "^3.9.0", "@vue/cli-plugin-e2e-cypress": "^3.9.0", - "@vue/cli-plugin-eslint": "^3.9.0", + "@vue/cli-plugin-eslint": "^4.0.0", "@vue/cli-plugin-pwa": "^3.9.0", - "@vue/cli-plugin-unit-jest": "^3.9.0", - "@vue/cli-service": "^3.9.0", + "@vue/cli-plugin-unit-jest": "^4.0.0", + "@vue/cli-service": "^4.0.0", "@vue/eslint-config-prettier": "^4.0.1", "@vue/test-utils": "1.0.0-beta.29", "babel-core": "7.0.0-bridge.0", "babel-eslint": "^10.0.1", - "babel-jest": "^23.6.0", + "babel-jest": "^24.0.0", "eslint": "^5.16.0", "eslint-plugin-vue": "^5.0.0", - "lint-staged": "^8.1.5", + "lint-staged": "^9.0.0", "node-sass": "^4.9.0", "sass-loader": "^7.1.0", "vue-template-compiler": "^2.6.10" @@ -107,5 +110,6 @@ "vue-cli-service lint", "git add" ] - } + }, + "snyk": true }