dancefinder/dancefinder-app
5
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Activity

[Snyk] Fix for 1 vulnerable dependencies #50

Merged
argoyle merged 3 commits from snyk-fix-29c2264d98d597fd8825d21e887cf53f into master 2019-07-04 10:52:40 +00:00
Conversation 4 Commits 3 Files Changed 4
+1240 -42
argoyle commented 2019-07-04 01:01:14 +00:00 (Migrated from gitlab.com)
Copy Link
Copy Source

Description

This Merge Request fixes one or more vulnerable packages in the yarn dependencies of this project.
See the Snyk test report for more details.

Snyk Project: unboundsoftware/dancefinder/dancefinder-app:package.json

Snyk Organization: argoyle

Lockfile

If you are using package-lock.json or yarn.lock, please re-lock your dependencies and push an updated lockfile before merging this Merge Request.

Changes included in this Merge Request

  • A Snyk policy (.snyk) file, with updated settings.

Vulnerabilities that will be fixed

With a Snyk patch:

You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

Check the changes in this Merge Request to ensure they won't cause issues with your project.

Stay secure,
The Snyk team

Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix Merge Requests. To review the settings for this Snyk project please go to the project settings page.

#### Description This Merge Request fixes one or more vulnerable packages in the `yarn` dependencies of this project. See the [Snyk test report](https://app.snyk.io/org/argoyle/test/gitlab/fdbefbeb-8f1c-483c-917e-152c9523c009/master..snyk-fix-29c2264d98d597fd8825d21e887cf53f) for more details. #### Snyk Project: [unboundsoftware/dancefinder/dancefinder-app:package.json](https://app.snyk.io/org/argoyle/project/fdbefbeb-8f1c-483c-917e-152c9523c009) #### Snyk Organization: [argoyle](https://app.snyk.io/org/argoyle) #### Lockfile If you are using `package-lock.json` or `yarn.lock`, please re-lock your dependencies and push an updated lockfile before merging this Merge Request. #### Changes included in this Merge Request - A Snyk policy (`.snyk`) file, with updated settings. #### Vulnerabilities that will be fixed ##### With a [Snyk patch](https://snyk.io/docs/fixing-vulnerabilities/#patches): - [SNYK-JS-LODASH-450202](https://snyk.io/vuln/SNYK-JS-LODASH-450202) You can read more about Snyk's upgrade and patch logic in [Snyk's documentation](https://snyk.io/docs/using-snyk/). Check the changes in this Merge Request to ensure they won't cause issues with your project. Stay secure, The Snyk team _**Note**: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix Merge Requests. To review the settings for this Snyk project please go to the [project settings page](https://app.snyk.io/org/argoyle/project/fdbefbeb-8f1c-483c-917e-152c9523c009/settings)._ [//]: # (snyk:metadata:{"type":"auto","packageManager":"yarn","vulns":["SNYK-JS-LODASH-450202"],"patch":["SNYK-JS-LODASH-450202"],"upgrade":[],"isBreakingChange":false,"env":"prod","dependencies":[],"prType":"fix"})
argoyle commented 2019-07-04 10:23:57 +00:00 (Migrated from gitlab.com)
Copy Link
Copy Source

added 1 commit

Compare with previous version

added 1 commit <ul><li>c3102f99 - Update yarn.lock</li></ul> [Compare with previous version](/unboundsoftware/dancefinder/dancefinder-app/merge_requests/1/diffs?diff_id=47279315&start_sha=31c71d60b709b78bfc5641a5be9e541a98deeae0)
argoyle commented 2019-07-04 10:41:30 +00:00 (Migrated from gitlab.com)
Copy Link
Copy Source

added 1 commit

  • 109938e2 - Update Dockerfile to add .snyk before running yarn install

Compare with previous version

added 1 commit <ul><li>109938e2 - Update Dockerfile to add .snyk before running yarn install</li></ul> [Compare with previous version](/unboundsoftware/dancefinder/dancefinder-app/merge_requests/1/diffs?diff_id=47281439&start_sha=c3102f9957543e170fbf9f6da14d7fe99a7995db)
argoyle commented 2019-07-04 10:52:40 +00:00 (Migrated from gitlab.com)
Copy Link
Copy Source

merged

merged
argoyle commented 2019-07-04 10:52:41 +00:00 (Migrated from gitlab.com)
Copy Link
Copy Source

mentioned in commit 2bbb2c7a90

mentioned in commit 2bbb2c7a90d313223575b2726bedd17436a20537
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
dependencies
Pull requests that update a dependency file
 docker
javascript
security
Pull requests that address a security vulnerability
 severity:critical
severity:high
severity:low
severity:moderate
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
argoyle (Joakim Olsson) buildtools (Buildtools) kubernetes (Kubernetes) releaser (Unbound Releaser) renovate (Renovate Bot)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: dancefinder/dancefinder-app#50
Delete Branch "snyk-fix-29c2264d98d597fd8825d21e887cf53f"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?