[Snyk] Fix for 1 vulnerable dependency path (#4219)
The following vulnerabilities are ignored: - https://snyk.io/vuln/npm:content-type-parser:20170905 Latest report for mozilla/addons-frontend: https://snyk.io/test/github/mozilla/addons-frontend
This commit is contained in:
Родитель
57ec1090f3
Коммит
adb3a95fb3
8
.snyk
8
.snyk
|
@ -1,9 +1,11 @@
|
|||
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
|
||||
# version: v1.10.1
|
||||
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
|
||||
ignore:
|
||||
'npm:content-type-parser:20170905':
|
||||
- jsdom > content-type-parser:
|
||||
reason: 'We only use this for DOMPurify (no external fetching) so we are probably not vulnerable'
|
||||
expires: '2018-01-12T17:51:49.204Z'
|
||||
reason: >-
|
||||
We only use this for DOMPurify (no external fetching) so we are
|
||||
probably not vulnerable
|
||||
expires: '2018-02-23T22:52:31.923Z'
|
||||
patch: {}
|
||||
version: v1.10.1
|
||||
|
|
|
@ -33,7 +33,8 @@
|
|||
"test-coverage-once": "bin/config-check.js && better-npm-run jest --coverage",
|
||||
"test-once": "bin/config-check.js && better-npm-run jest && npm run lint",
|
||||
"version-check": "bin/version-check.js",
|
||||
"webpack-dev-server": "npm run build-locales && better-npm-run webpack-dev-server"
|
||||
"webpack-dev-server": "npm run build-locales && better-npm-run webpack-dev-server",
|
||||
"snyk-protect": "snyk protect"
|
||||
},
|
||||
"betterScripts": {
|
||||
"build": {
|
||||
|
@ -275,6 +276,7 @@
|
|||
"semver": "^5.3.0",
|
||||
"shelljs": "^0.7.7",
|
||||
"sinon": "^4.0.0",
|
||||
"snyk": "^1.69.3",
|
||||
"style-loader": "^0.19.0",
|
||||
"stylelint": "^8.0.0",
|
||||
"stylelint-config-standard": "^17.0.0",
|
||||
|
@ -294,5 +296,6 @@
|
|||
"path": "./dist/*.js",
|
||||
"threshold": "300 Kb"
|
||||
}
|
||||
]
|
||||
],
|
||||
"snyk": true
|
||||
}
|
||||
|
|
Загрузка…
Ссылка в новой задаче