From 3aea39b00587580e06285254c90ee4532b62ebc7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 11 Oct 2017 14:40:17 +0000 Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/npm:qs:20170213 - https://snyk.io/vuln/npm:qs:20140806 - https://snyk.io/vuln/npm:qs:20140806-1 - https://snyk.io/vuln/npm:mime:20170907 - https://snyk.io/vuln/npm:mime:20170907 - https://snyk.io/vuln/npm:fresh:20170908 - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:qs:20170213 - https://snyk.io/vuln/npm:negotiator:20160616 - https://snyk.io/vuln/npm:send:20151103 - https://snyk.io/vuln/npm:serve-static:20150120 - https://snyk.io/vuln/npm:serve-static:20150113 - https://snyk.io/vuln/npm:send:20140912 - https://snyk.io/vuln/npm:qs:20140806-1 - https://snyk.io/vuln/npm:qs:20140806 - https://snyk.io/vuln/npm:express:20140912 - https://snyk.io/vuln/npm:cookie-signature:20160804 - https://snyk.io/vuln/npm:tunnel-agent:20170305 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:ms:20170412 Latest report for feedhenry-templates/fh-connector-sharepoint-cloud: https://snyk.io/test/github/feedhenry-templates/fh-connector-sharepoint-cloud --- .snyk | 35 +++++++++++++++++++++++++++++++++++ package.json | 14 +++++++++----- 2 files changed, 44 insertions(+), 5 deletions(-) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..3b6f2cb --- /dev/null +++ b/.snyk @@ -0,0 +1,35 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.7.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:debug:20170905': + - fh-mbaas-api > debug: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > body-parser > debug: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > debug: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > send > debug: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > serve-static > send > debug: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-sync > debug: + patched: '2017-10-11T14:40:17.288Z' + 'npm:ms:20170412': + - fh-mbaas-api > debug > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > serve-static > send > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > body-parser > debug > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > debug > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > send > debug > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > serve-static > send > debug > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-mbaas-express > express > send > ms: + patched: '2017-10-11T14:40:17.288Z' + - fh-mbaas-api > fh-sync > debug > ms: + patched: '2017-10-11T14:40:17.288Z' diff --git a/package.json b/package.json index f452110..cb72995 100644 --- a/package.json +++ b/package.json @@ -2,14 +2,15 @@ "name": "fh-service-sharepoint-cloud", "version": "0.2.0", "dependencies": { - "express": "4.0.0", + "express": "4.16.0", "fh-mbaas-api": "~8.0.2", - "body-parser": "~1.0.2", + "body-parser": "~1.17.1", "cors": "~2.2.0", "node-uuid": "^1.4.3", "sharepointer": "^1.3.2", "underscore": "^1.8.3", - "request": "2.79.0" + "request": "2.81.0", + "snyk": "^1.42.6" }, "devDependencies": { "grunt": "0.4.5", @@ -23,8 +24,11 @@ }, "scripts": { "test": "grunt test", - "start": "node application.js" + "start": "node application.js", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "license": "Apache-2.0", - "main": "application.js" + "main": "application.js", + "snyk": true }