Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 7 vulnerabilities #7

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
Open
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
Fast in every way that matters
</h3>
<p align="center">
Gatsby is a free and open source framework based on React that helps developers build blazing fast websites and apps
Gatsby is a free and open source framework based on React that helps developers build blazing fast websites and app
</p>
<p align="center">
<a href="https://github.com/gatsbyjs/gatsby/blob/master/LICENSE">
Expand Down
8 changes: 4 additions & 4 deletions benchmarks/md/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,15 @@
"del-cli": "^3.0.0",
"dotenv": "^8.2.0",
"faker": "^4.1.0",
"front-matter": "^3.1.0",
"gatsby": "^2.20.23",
"front-matter": "^4.0.1",
"gatsby": "^4.6.0",
"gatsby-image": "^2.3.3",
"gatsby-plugin-benchmark-reporting": "*",
"gatsby-plugin-page-creator": "^2.2.2",
"gatsby-plugin-sharp": "^2.4.12",
"gatsby-remark-images": "^3.2.3",
"gatsby-remark-images": "^5.0.0",
"gatsby-source-filesystem": "^2.2.3",
"gatsby-transformer-remark": "^2.8.7",
"gatsby-transformer-remark": "^4.0.0",
"gatsby-transformer-sharp": "^2.4.5",
"glob": "^7.1.6",
"node-fetch": "^2.6.0",
Expand Down
6 changes: 3 additions & 3 deletions examples/using-javascript-transforms/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -23,14 +23,14 @@
"dependencies": {
"bulma": "0.9.0",
"d3": "4.13.0",
"gatsby": "^2.24.63",
"gatsby": "^4.6.0",
"gatsby-plugin-sass": "^2.3.13",
"gatsby-remark-prismjs": "^3.5.13",
"gatsby-source-filesystem": "^2.3.30",
"gatsby-transformer-javascript-frontmatter": "^2.3.12",
"gatsby-transformer-remark": "^2.8.35",
"gatsby-transformer-remark": "^4.0.0",
"moment": "^2.28.0",
"node-sass": "^4.14.1",
"node-sass": "^7.0.1",
"normalize.css": "^7.0.0",
"prismjs": "^1.21.0",
"prop-types": "^15.7.2",
Expand Down
62 changes: 62 additions & 0 deletions starters/gatsby-starter-blog-theme/.snyk
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.22.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- gatsby > babel-plugin-lodash > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby > devcert > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby > eslint-plugin-flowtype > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby > babel-plugin-lodash > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby > babel-plugin-lodash > @babel/helper-module-imports > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-plugin-emotion > @emotion/babel-preset-css-prop > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > gatsby-plugin-mdx > @babel/preset-env > @babel/preset-modules > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-plugin-emotion > @emotion/babel-preset-css-prop > @babel/plugin-transform-react-jsx > @babel/helper-builder-react-jsx > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > @babel/core > @babel/helpers > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-plugin-emotion > @emotion/babel-preset-css-prop > @babel/plugin-transform-react-jsx > @babel/helper-builder-react-jsx-experimental > @babel/helper-annotate-as-pure > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > theme-ui > @theme-ui/mdx > @emotion/styled > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-simple-access > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > gatsby-plugin-mdx > @babel/preset-env > @babel/plugin-transform-modules-systemjs > @babel/helper-hoist-variables > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > gatsby-plugin-mdx > @babel/preset-env > @babel/plugin-transform-exponentiation-operator > @babel/helper-builder-binary-assignment-operator-visitor > @babel/helper-explode-assignable-expression > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > theme-ui > @theme-ui/theme-provider > @theme-ui/mdx > @emotion/styled > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-simple-access > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > theme-ui > @theme-ui/theme-provider > @theme-ui/mdx > @emotion/core > @emotion/css > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > gatsby-plugin-mdx > @babel/preset-env > @babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/helper-function-name > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helpers > @babel/traverse > @babel/helper-function-name > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > theme-ui > @theme-ui/theme-provider > @theme-ui/color-modes > @theme-ui/core > @emotion/core > @emotion/css > babel-plugin-emotion > @babel/helper-module-imports > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > gatsby-plugin-mdx > @babel/preset-env > @babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/traverse > @babel/helper-function-name > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > @mdx-js/mdx > remark-mdx > @babel/core > @babel/helper-module-transforms > @babel/helper-replace-supers > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
- gatsby-theme-blog > gatsby-theme-blog-core > gatsby-plugin-mdx > @babel/preset-env > @babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash:
patched: '2022-02-19T07:52:23.397Z'
Loading