klemek/snex.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: klemek/snex.io:master
Branches Tags
klemek/snex.io:master klemek/snex.io:snyk-fix-c6047b1905a26b15e1075c5103023875 klemek/snex.io:snyk-fix-4a9a5bc3e2f61bc174ff7a5b8686ab5c klemek/snex.io:snyk-fix-1bfbd9151d288a7b0a4ac865991a8836 klemek/snex.io:snyk-fix-c8d801da02d7c0479dd98d1c62720b80 klemek/snex.io:snyk-fix-b315013e59ef8a92d7217d6aed5689fe klemek/snex.io:snyk-fix-b61bc560c726a588a509484a21f61a0f klemek/snex.io:snyk-fix-68db53715c2f8591e5e42d999a817c5a klemek/snex.io:snyk-fix-e31e80203d3c201d32c68df66040c448 klemek/snex.io:snyk-fix-d0fd2d7f375d14632316e8db173f992d klemek/snex.io:snyk-fix-97395e21bb542f6e31f254c551a611f1 klemek/snex.io:snyk-fix-dc22fe0f71c8654bfd5d92f09e500612 klemek/snex.io:dependabot/npm_and_yarn/express-4.17.3 klemek/snex.io:dependabot/npm_and_yarn/qs-6.11.0 klemek/snex.io:snyk-fix-f5c073611110a3f86218bf3c6ba929b9 klemek/snex.io:snyk-fix-955eb8346b1046020f198cb47c5833dd klemek/snex.io:dependabot/npm_and_yarn/socket.io-parser-4.0.5 klemek/snex.io:snyk-fix-0978e7cf96dc248d7c18c1e748698ac9 klemek/snex.io:snyk-upgrade-3fab2c6298b408e56d239eb15da49adf klemek/snex.io:dependabot/npm_and_yarn/ws-7.4.6 klemek/snex.io:snyk-fix-abca45d15db73e989173147af4d2f1b8 klemek/snex.io:snyk-fix-feda1895f8bf614fb4bf3edb6ca86534 klemek/snex.io:snyk-upgrade-ab468e9091690a243249aa5d25b8fbb2 klemek/snex.io:snyk-upgrade-963e357ab499e0fcea98beec809d5065
..
pull from: klemek/snex.io:snyk-fix-abca45d15db73e989173147af4d2f1b8
Branches Tags
klemek/snex.io:snyk-fix-c6047b1905a26b15e1075c5103023875 klemek/snex.io:snyk-fix-4a9a5bc3e2f61bc174ff7a5b8686ab5c klemek/snex.io:snyk-fix-1bfbd9151d288a7b0a4ac865991a8836 klemek/snex.io:snyk-fix-c8d801da02d7c0479dd98d1c62720b80 klemek/snex.io:snyk-fix-b315013e59ef8a92d7217d6aed5689fe klemek/snex.io:snyk-fix-b61bc560c726a588a509484a21f61a0f klemek/snex.io:snyk-fix-68db53715c2f8591e5e42d999a817c5a klemek/snex.io:snyk-fix-e31e80203d3c201d32c68df66040c448 klemek/snex.io:snyk-fix-d0fd2d7f375d14632316e8db173f992d klemek/snex.io:snyk-fix-97395e21bb542f6e31f254c551a611f1 klemek/snex.io:snyk-fix-dc22fe0f71c8654bfd5d92f09e500612 klemek/snex.io:dependabot/npm_and_yarn/express-4.17.3 klemek/snex.io:dependabot/npm_and_yarn/qs-6.11.0 klemek/snex.io:snyk-fix-f5c073611110a3f86218bf3c6ba929b9 klemek/snex.io:snyk-fix-955eb8346b1046020f198cb47c5833dd klemek/snex.io:dependabot/npm_and_yarn/socket.io-parser-4.0.5 klemek/snex.io:snyk-fix-0978e7cf96dc248d7c18c1e748698ac9 klemek/snex.io:snyk-upgrade-3fab2c6298b408e56d239eb15da49adf klemek/snex.io:master klemek/snex.io:dependabot/npm_and_yarn/ws-7.4.6 klemek/snex.io:snyk-fix-abca45d15db73e989173147af4d2f1b8 klemek/snex.io:snyk-fix-feda1895f8bf614fb4bf3edb6ca86534 klemek/snex.io:snyk-upgrade-ab468e9091690a243249aa5d25b8fbb2 klemek/snex.io:snyk-upgrade-963e357ab499e0fcea98beec809d5065

1 Commits
master .. snyk-fix-abca45d15db73e989173147af4d2f1b8

Author SHA1 Message Date
snyk-bot 10e07b2f35 fix: package.json & package-lock.json to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749
- https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752
 2021-01-08 23:44:43 +00:00
3 changed files with 13 additions and 65 deletions
Expand all files Collapse all files
.github/workflows/docker.yml
-34
View File
@@ -1,34 +0,0 @@
name: Docker
on: ["push", "pull_request"]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build
uses: docker/build-push-action@v2
with:
context: ./
file: ./Dockerfile
builder: ${{ steps.buildx.outputs.name }}
push: false
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
Dockerfile
-18
View File
@@ -1,18 +0,0 @@
FROM node:14
# Create app directory
WORKDIR /usr/src/app
# Install app dependencies
# A wildcard is used to ensure both package.json AND package-lock.json are copied
# where available (npm@5+)
COPY package*.json ./
RUN npm install
# If you are building your code for production
# RUN npm ci --only=production
# Bundle app source
COPY . .
CMD [ "sh", "-c", "node server.js" ]
package-lock.json
Generated
+13 -13
View File
@@ -326,16 +326,16 @@
"integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==" "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg=="
}, },
"mime-db": { "mime-db": {
"version": "1.46.0", "version": "1.45.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.46.0.tgz", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.45.0.tgz",
"integrity": "sha512-svXaP8UQRZ5K7or+ZmfNhg2xX3yKDMUzqadsSqi4NCH/KomcH75MAMYAGVlvXn4+b/xOPhS3I2uHKRUzvjY7BQ==" "integrity": "sha512-CkqLUxUk15hofLoLyljJSrukZi8mAtgd+yE5uO4tqRZsdsAJKv0O+rFMhVDRJgozy+yG6md5KwuXhD4ocIoP+w=="
}, },
"mime-types": { "mime-types": {
"version": "2.1.29", "version": "2.1.28",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.29.tgz", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.28.tgz",
"integrity": "sha512-Y/jMt/S5sR9OaqteJtslsFZKWOIIqMACsJSiHghlCAyhf7jfVYjKBmLiX8OgpWeW+fjJ2b+Az69aPFPkUOY6xQ==", "integrity": "sha512-0TO2yJ5YHYr7M2zzT7gDU1tbwHxEUWBCLt0lscSNpcdAfFyJOVEpRYNS7EXVcTLNj/25QO8gulHC5JtTzSE2UQ==",
"requires": { "requires": {
"mime-db": "1.46.0" "mime-db": "1.45.0"
} }
}, },
"ms": { "ms": {
@@ -488,9 +488,9 @@
"integrity": "sha512-2wo4EXgxOGSFueqvHAdnmi5JLZzWqMArjuP4nqC26AtLh5PoCPsaRbRdah2xhcwTAMooZfjYiNVNkkmmSMaxOQ==" "integrity": "sha512-2wo4EXgxOGSFueqvHAdnmi5JLZzWqMArjuP4nqC26AtLh5PoCPsaRbRdah2xhcwTAMooZfjYiNVNkkmmSMaxOQ=="
}, },
"socket.io-parser": { "socket.io-parser": {
"version": "4.0.4", "version": "4.0.3",
"resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.0.4.tgz", "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.0.3.tgz",
"integrity": "sha512-t+b0SS+IxG7Rxzda2EVvyBZbvFPBCjJoyHuE0P//7OAsN23GItzDRdWa6ALxZI/8R5ygK7jAR6t028/z+7295g==", "integrity": "sha512-m4ybFiP4UYVORRt7jcdqf8UWx+ywVdAqqsJyruXxAdD3Sv6MDemijWij34mOWdMJ55bEdIb9jACBhxUgNK6sxw==",
"requires": { "requires": {
"@types/component-emitter": "^1.2.10", "@types/component-emitter": "^1.2.10",
"component-emitter": "~1.3.0", "component-emitter": "~1.3.0",
@@ -562,9 +562,9 @@
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
}, },
"ws": { "ws": {
"version": "7.4.4", "version": "7.4.2",
"resolved": "https://registry.npmjs.org/ws/-/ws-7.4.4.tgz", "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.2.tgz",
"integrity": "sha512-Qm8k8ojNQIMx7S+Zp8u/uHOx7Qazv3Yv4q68MiWWWOJhiwG5W3x7iqmRtJo8xxrciZUY4vRxUTJCKuRnF28ZZw==" "integrity": "sha512-T4tewALS3+qsrpGI/8dqNMLIVdq/g/85U98HPMa6F0m6xTbvhXU6RCQLqPH3+SlomNV/LdY6RXEbBpMH6EOJnA=="
} }
} }
} }