From f7d04c06687eecdb77595fd927ee1277bc360fb2 Mon Sep 17 00:00:00 2001 From: snyk-test Date: Fri, 5 Jul 2019 01:56:19 +0000 Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 --- .snyk | 10 ++++ package.json | 152 ++++++++++++++++++++++++++------------------------- 2 files changed, 88 insertions(+), 74 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 00000000000..f9bd09c39ba --- /dev/null +++ b/.snyk @@ -0,0 +1,10 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.13.5 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-450202: + - grunt-contrib-uglify > lodash: + patched: '2019-07-05T01:56:18.126Z' + - grunt-contrib-jshint > jshint > lodash: + patched: '2019-07-05T01:56:18.126Z' diff --git a/package.json b/package.json index a9c5e04a6fe..ca8c815274b 100644 --- a/package.json +++ b/package.json @@ -1,76 +1,80 @@ { - "name": "jquery-ui", - "title": "jQuery UI", - "description": "A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.", - "version": "1.12.2-pre", - "homepage": "http://jqueryui.com", - "author": { - "name": "jQuery Foundation and other contributors", - "url": "https://github.com/jquery/jquery-ui/blob/master/AUTHORS.txt" - }, - "main": "ui/widget.js", - "maintainers": [ - { - "name": "Scott González", - "email": "scott.gonzalez@gmail.com", - "url": "http://scottgonzalez.com" - }, - { - "name": "Jörn Zaefferer", - "email": "joern.zaefferer@gmail.com", - "url": "http://bassistance.de" - }, - { - "name": "Mike Sherov", - "email": "mike.sherov@gmail.com", - "url": "http://mike.sherov.com" - }, - { - "name": "TJ VanToll", - "email": "tj.vantoll@gmail.com", - "url": "http://tjvantoll.com" - }, - { - "name": "Felix Nagel", - "email": "info@felixnagel.com", - "url": "http://www.felixnagel.com" - }, - { - "name": "Alex Schmitz", - "email": "arschmitz@gmail.com", - "url": "https://github.com/arschmitz" - } - ], - "repository": { - "type": "git", - "url": "git://github.com/jquery/jquery-ui.git" - }, - "bugs": "https://bugs.jqueryui.com/", - "license": "MIT", - "scripts": { - "test": "grunt" - }, - "dependencies": { - "jquery": ">=1.7.0 <4.0.0" - }, - "devDependencies": { - "commitplease": "2.3.0", - "grunt": "0.4.5", - "grunt-bowercopy": "1.2.4", - "grunt-cli": "0.1.13", - "grunt-compare-size": "0.4.0", - "grunt-contrib-concat": "0.5.1", - "grunt-contrib-csslint": "0.5.0", - "grunt-contrib-jshint": "0.12.0", - "grunt-contrib-qunit": "1.0.1", - "grunt-contrib-requirejs": "0.4.4", - "grunt-contrib-uglify": "0.11.1", - "grunt-git-authors": "3.1.0", - "grunt-html": "6.0.0", - "grunt-jscs": "2.1.0", - "load-grunt-tasks": "3.4.0", - "rimraf": "2.5.1", - "testswarm": "1.1.0" - }, - "keywords": [] + "name": "jquery-ui", + "title": "jQuery UI", + "description": "A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.", + "version": "1.12.2-pre", + "homepage": "http://jqueryui.com", + "author": { + "name": "jQuery Foundation and other contributors", + "url": "https://github.com/jquery/jquery-ui/blob/master/AUTHORS.txt" + }, + "main": "ui/widget.js", + "maintainers": [ + { + "name": "Scott González", + "email": "scott.gonzalez@gmail.com", + "url": "http://scottgonzalez.com" + }, + { + "name": "Jörn Zaefferer", + "email": "joern.zaefferer@gmail.com", + "url": "http://bassistance.de" + }, + { + "name": "Mike Sherov", + "email": "mike.sherov@gmail.com", + "url": "http://mike.sherov.com" + }, + { + "name": "TJ VanToll", + "email": "tj.vantoll@gmail.com", + "url": "http://tjvantoll.com" + }, + { + "name": "Felix Nagel", + "email": "info@felixnagel.com", + "url": "http://www.felixnagel.com" + }, + { + "name": "Alex Schmitz", + "email": "arschmitz@gmail.com", + "url": "https://github.com/arschmitz" + } + ], + "repository": { + "type": "git", + "url": "git://github.com/jquery/jquery-ui.git" + }, + "bugs": "https://bugs.jqueryui.com/", + "license": "MIT", + "scripts": { + "test": "grunt", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" + }, + "dependencies": { + "jquery": ">=1.7.0 <4.0.0", + "snyk": "^1.192.0" + }, + "devDependencies": { + "commitplease": "2.3.0", + "grunt": "0.4.5", + "grunt-bowercopy": "1.2.4", + "grunt-cli": "0.1.13", + "grunt-compare-size": "0.4.0", + "grunt-contrib-concat": "0.5.1", + "grunt-contrib-csslint": "0.5.0", + "grunt-contrib-jshint": "0.12.0", + "grunt-contrib-qunit": "1.0.1", + "grunt-contrib-requirejs": "0.4.4", + "grunt-contrib-uglify": "0.11.1", + "grunt-git-authors": "3.1.0", + "grunt-html": "6.0.0", + "grunt-jscs": "2.1.0", + "load-grunt-tasks": "3.4.0", + "rimraf": "2.5.1", + "testswarm": "1.1.0" + }, + "keywords": [], + "snyk": true }