diff --git a/examples/s3-update-example-cli/.snyk b/examples/s3-update-example-cli/.snyk new file mode 100644 index 00000000..cc8059af --- /dev/null +++ b/examples/s3-update-example-cli/.snyk @@ -0,0 +1,10 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.22.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - '@oclif/plugin-update > lodash': + patched: '2022-03-26T01:57:35.768Z' + - '@oclif/plugin-update > cli-ux > lodash': + patched: '2022-03-26T01:57:35.768Z' diff --git a/examples/s3-update-example-cli/package.json b/examples/s3-update-example-cli/package.json index 101f9826..6837fd74 100644 --- a/examples/s3-update-example-cli/package.json +++ b/examples/s3-update-example-cli/package.json @@ -10,7 +10,8 @@ "@oclif/command": "^1.5.0", "@oclif/config": "^1.7.2", "@oclif/plugin-help": "^2.1.0", - "@oclif/plugin-update": "^1.3.1" + "@oclif/plugin-update": "^1.3.1", + "@snyk/protect": "latest" }, "devDependencies": { "@oclif/dev-cli": "^1.17.0", @@ -78,7 +79,10 @@ "test": "mocha --forbid-only \"test/**/*.test.ts\"", "prepack": "rm -rf lib && tsc && oclif-dev manifest", "postpack": "rm -f oclif.manifest.json", - "version": "oclif-dev readme && git add README.md" + "version": "oclif-dev readme && git add README.md", + "prepare": "yarn run snyk-protect", + "snyk-protect": "snyk-protect" }, - "types": "lib/index.d.ts" + "types": "lib/index.d.ts", + "snyk": true } diff --git a/examples/s3-update-example-cli/yarn.lock b/examples/s3-update-example-cli/yarn.lock index 2a52f1d7..320a0960 100644 --- a/examples/s3-update-example-cli/yarn.lock +++ b/examples/s3-update-example-cli/yarn.lock @@ -121,6 +121,11 @@ version "1.0.2" resolved "https://registry.yarnpkg.com/@oclif/screen/-/screen-1.0.2.tgz#c9d7c84b0ea60ecec8dd7a9b22c012ba9967aed8" +"@snyk/protect@^1.883.0": + version "1.883.0" + resolved "https://registry.yarnpkg.com/@snyk/protect/-/protect-1.883.0.tgz#048015d4e0f1c18b6abc7e2773b6374b620bd399" + integrity sha512-N/EqG6P/qNYWOfuZAfGS1d7yGwGY4zV7AvKtgTzdhazDt7G/mRLG6czLSWNWGEFYBiMsYRVPHdc5It3bjhmIGw== + "@types/node@^8.10.59": version "8.10.59" resolved "https://registry.yarnpkg.com/@types/node/-/node-8.10.59.tgz#9e34261f30183f9777017a13d185dfac6b899e04"