Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 13 vulnerable dependencies #59

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
+246 −5
Open

[Snyk] Fix for 13 vulnerable dependencies #59

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
237 changes: 237 additions & 0 deletions .snyk
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,237 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.12.0
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
'npm:debug:20170905':
- hubot-github-management > hubot > express > connect > compression > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > send > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > send > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > connect-timeout > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > send > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > compression > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > express-session > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > finalhandler > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > body-parser > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-index > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > morgan > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > finalhandler > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > body-parser > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > finalhandler > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-index > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-index > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-static > send > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > body-parser > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > compression > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > morgan > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > express-session > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > express-session > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > connect-timeout > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > connect-timeout > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > morgan > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-static > send > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-static > send > debug:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > debug:
patched: '2018-08-15T17:03:50.582Z'
'npm:hawk:20160119':
- hubot-google-hangouts > googleapis > request > hawk:
patched: '2018-08-15T17:03:50.582Z'
'npm:http-signature:20150122':
- hubot-google-hangouts > googleapis > request > http-signature:
patched: '2018-08-15T17:03:50.582Z'
'npm:mime:20170907':
- hubot-acrogov > hubot > express > send > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > send > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-static > send > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > send > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-static > send > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot-google-hangouts > googleapis > request > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > serve-static > send > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot-google-hangouts > googleapis > request > form-data > mime:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-static > send > mime:
patched: '2018-08-15T17:03:50.582Z'
'npm:ms:20170412':
- hubot > express > send > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > send > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > send > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > connect-timeout > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > express-session > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > compression > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > body-parser > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > finalhandler > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-static > send > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > connect-timeout > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > morgan > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-index > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > connect-timeout > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > connect-timeout > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > express-session > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-static > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > body-parser > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-index > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-index > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > morgan > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > morgan > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > finalhandler > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > finalhandler > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > body-parser > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > express-session > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > connect-timeout > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > connect-timeout > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > compression > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-static > send > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-static > send > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > compression > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-static > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-static > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-favicon > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-favicon > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-favicon > ms:
patched: '2018-08-15T17:03:50.582Z'
'npm:ms:20151024':
- hubot-github-identity > connect > serve-static > send > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > method-override > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > finalhandler > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > express-session > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > connect-timeout > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > compression > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > connect-timeout > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > debug > ms:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > serve-static > send > ms:
patched: '2018-08-15T17:03:50.582Z'
'npm:negotiator:20160616':
- hubot > express > connect > compression > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot > express > connect > serve-index > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > compression > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > compression > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-acrogov > hubot > express > connect > serve-index > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-management > hubot > express > connect > serve-index > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > compression > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > errorhandler > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
- hubot-github-identity > connect > serve-index > accepts > negotiator:
patched: '2018-08-15T17:03:50.582Z'
'npm:qs:20140806-1':
- hubot-google-hangouts > googleapis > request > qs:
patched: '2018-08-15T17:03:50.582Z'
'npm:request:20160119':
- hubot-google-hangouts > googleapis > request:
patched: '2018-08-15T17:03:50.582Z'
'npm:semver:20150403':
- npm-registry > semver:
patched: '2018-08-15T17:03:50.582Z'
- npm-registry > licenses > npm-registry > semver:
patched: '2018-08-15T17:03:50.582Z'
14 changes: 9 additions & 5 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,21 +43,25 @@
"hubot-thankfulness": "1.0.1",
"hubot-twitter-search": "1.0.3",
"hubot-youtube": "1.0.2",
"lodash": "4.12.0",
"lodash": "4.17.5",
"mattermost-slashbot": "^1.0.0",
"moment": "2.13.0",
"moment": "2.19.3",
"npm-registry": "0.1.13",
"quick-gist": "^1.0.0",
"random-emoji": "1.0.2",
"request": "2.84.0",
"semver": "5.1.0",
"shuffle-array": "1.0.1",
"underscore": "1.8.3"
"underscore": "1.8.3",
"snyk": "^1.90.2"
},
"engines": {
"node": "0.12.x"
},
"scripts": {
"start": "./start.sh"
}
"start": "./start.sh",
"snyk-protect": "snyk protect",
"prepare": "npm run snyk-protect"
},
"snyk": true
}