From fa4a16099b84219bb48e99f6927941d570309702 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 24 Apr 2023 16:49:12 +0000 Subject: [PATCH] fix: deps/npm/node_modules/extend/package.json & deps/npm/node_modules/extend/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AJV-584908 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:lodash:20180130 --- deps/npm/node_modules/extend/.snyk | 12 ++++ deps/npm/node_modules/extend/package.json | 85 ++++++++++++----------- 2 files changed, 57 insertions(+), 40 deletions(-) create mode 100644 deps/npm/node_modules/extend/.snyk diff --git a/deps/npm/node_modules/extend/.snyk b/deps/npm/node_modules/extend/.snyk new file mode 100644 index 00000000000000..fc1d714041eb7d --- /dev/null +++ b/deps/npm/node_modules/extend/.snyk @@ -0,0 +1,12 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:lodash:20180130': + - jscs > lodash: + patched: '2023-04-24T16:49:08.602Z' + - jscs > xmlbuilder > lodash: + patched: '2023-04-24T16:49:08.602Z' + - jscs > jscs-jsdoc > jsdoctypeparser > lodash: + patched: '2023-04-24T16:49:08.602Z' diff --git a/deps/npm/node_modules/extend/package.json b/deps/npm/node_modules/extend/package.json index 85279f78054e5c..415240b03a998c 100644 --- a/deps/npm/node_modules/extend/package.json +++ b/deps/npm/node_modules/extend/package.json @@ -1,42 +1,47 @@ { - "name": "extend", - "author": "Stefan Thomas (http://www.justmoon.net)", - "version": "3.0.2", - "description": "Port of jQuery.extend for node.js and the browser", - "main": "index", - "scripts": { - "pretest": "npm run lint", - "test": "npm run tests-only", - "posttest": "npm run coverage-quiet", - "tests-only": "node test", - "coverage": "covert test/index.js", - "coverage-quiet": "covert test/index.js --quiet", - "lint": "npm run jscs && npm run eslint", - "jscs": "jscs *.js */*.js", - "eslint": "eslint *.js */*.js" - }, - "contributors": [ - { - "name": "Jordan Harband", - "url": "https://github.com/ljharb" - } - ], - "keywords": [ - "extend", - "clone", - "merge" - ], - "repository": { - "type": "git", - "url": "https://github.com/justmoon/node-extend.git" - }, - "dependencies": {}, - "devDependencies": { - "@ljharb/eslint-config": "^12.2.1", - "covert": "^1.1.0", - "eslint": "^4.19.1", - "jscs": "^3.0.7", - "tape": "^4.9.1" - }, - "license": "MIT" + "name": "extend", + "author": "Stefan Thomas (http://www.justmoon.net)", + "version": "3.0.2", + "description": "Port of jQuery.extend for node.js and the browser", + "main": "index", + "scripts": { + "pretest": "npm run lint", + "test": "npm run tests-only", + "posttest": "npm run coverage-quiet", + "tests-only": "node test", + "coverage": "covert test/index.js", + "coverage-quiet": "covert test/index.js --quiet", + "lint": "npm run jscs && npm run eslint", + "jscs": "jscs *.js */*.js", + "eslint": "eslint *.js */*.js", + "prepublish": "npm run snyk-protect", + "snyk-protect": "snyk-protect" + }, + "contributors": [ + { + "name": "Jordan Harband", + "url": "https://github.com/ljharb" + } + ], + "keywords": [ + "extend", + "clone", + "merge" + ], + "repository": { + "type": "git", + "url": "https://github.com/justmoon/node-extend.git" + }, + "dependencies": { + "@snyk/protect": "latest" + }, + "devDependencies": { + "@ljharb/eslint-config": "^12.2.1", + "covert": "^1.1.0", + "eslint": "^5.0.0", + "jscs": "^3.0.7", + "tape": "^4.9.1" + }, + "license": "MIT", + "snyk": true }