fix: package.json & .snyk to reduce vulnerabilities (#47)

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:debug:20170905

Latest report for rocketchat/rocket.chat.reactnative:
https://snyk.io/test/github/rocketchat/rocket.chat.reactnative
This commit is contained in:
Snyk bot 2017-11-22 16:04:44 +02:00 committed by Guilherme Gazzo
parent 6fbabc87d8
commit 45890e6c15
2 changed files with 32 additions and 2 deletions

26
.snyk Normal file
View File

@ -0,0 +1,26 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.7.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
'npm:debug:20170905':
- react-native > connect > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > express-session > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > finalhandler > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > morgan > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > serve-index > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > body-parser > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > compression > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > connect-timeout > debug:
patched: '2017-09-29T23:29:20.238Z'
- react-native > connect > serve-static > send > debug:
patched: '2017-09-29T23:29:20.238Z'
- realm > extract-zip > debug:
patched: '2017-09-29T23:29:20.238Z'

View File

@ -11,7 +11,9 @@
"ios": "react-native run-ios", "ios": "react-native run-ios",
"log-android": "react-native log-android", "log-android": "react-native log-android",
"android": "react-native run-android", "android": "react-native run-android",
"storybook": "storybook start -p 7007" "storybook": "storybook start -p 7007",
"snyk-protect": "snyk protect",
"prepare": "npm run snyk-protect"
}, },
"dependencies": { "dependencies": {
"babel-plugin-transform-decorators-legacy": "^1.3.4", "babel-plugin-transform-decorators-legacy": "^1.3.4",
@ -49,7 +51,8 @@
"redux-saga": "^0.16.0", "redux-saga": "^0.16.0",
"regenerator-runtime": "^0.11.0", "regenerator-runtime": "^0.11.0",
"remote-redux-devtools": "^0.5.12", "remote-redux-devtools": "^0.5.12",
"strip-ansi": "^4.0.0" "strip-ansi": "^4.0.0",
"snyk": "^1.41.1"
}, },
"devDependencies": { "devDependencies": {
"@storybook/addon-storyshots": "^3.2.15", "@storybook/addon-storyshots": "^3.2.15",
@ -80,6 +83,7 @@
".+\\.(css|styl|less|sass|scss|png|jpg|ttf|woff|woff2)$": "identity-obj-proxy" ".+\\.(css|styl|less|sass|scss|png|jpg|ttf|woff|woff2)$": "identity-obj-proxy"
} }
}, },
"snyk": true,
"engines": { "engines": {
"node": ">=8.x", "node": ">=8.x",
"npm": ">=4.x", "npm": ">=4.x",