Created
July 25, 2019 15:17
-
-
Save martinhbramwell/11540118084454aa0a6a596611363aa7 to your computer and use it in GitHub Desktop.
Snyk Wizard debug output
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
snyk wizard --debug | |
snyk wizard { _: [ [Circular] ], debug: true } +0ms | |
snyk ~~~~ LIVE RUN ~~~~ +0ms | |
snyk sending request to: https://snyk.io/api/v1/verify/token +0ms | |
snyk request body size: 2 +0ms | |
snyk gzipped request body size: 22 +0ms | |
snyk not using proxy +1ms | |
snyk not using proxy +2s | |
Snyk's wizard will: | |
* Enumerate your local dependencies and query Snyk's servers for vulnerabilities | |
* Guide you through fixing found vulnerabilities | |
* Create a .snyk policy file to guide snyk commands such as `test` and `protect` | |
* Remember your dependencies to alert you when new vulnerabilities are disclosed | |
? Existing .snyk policy found. Ignore it and start from scratch [y] or update it [N]? No | |
Analyzing npm dependencies for /home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv | |
snyk policies found [ '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv', | |
'/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/snyk' ] +0ms | |
snyk converting dep-tree to dep-graph { name: '@offsppwa-vue/lambdaSrv', | |
targetFile: 'package-lock.json' } +74ms | |
snyk done converting dep-tree to dep-graph { uniquePkgsCount: 938 } +624ms | |
Analyzing npm dependencies for lambdaSrv project dir | |
snyk sending request to: https://snyk.io/api/v1/test-dep-graph +17s | |
snyk request body size: 193699 +1ms | |
snyk gzipped request body size: 30043 +0ms | |
snyk not using proxy +16ms | |
Querying vulnerabilities database... | |
Tested 937 dependencies for known vulnerabilities, found 3 vulnerabilities, 238 vulnerable paths. | |
snyk starting questions +22s | |
snyk getUpdatePrompts +0ms | |
snyk + adding lodash@4.17.12 to upgrades +175ms | |
snyk + adding mixin-deep@1.3.2 to upgrades +4ms | |
snyk + adding set-value@2.0.1 to upgrades +0ms | |
snyk + adding lodash@4.17.12 to upgrades +1ms | |
snyk + adding lodash@4.17.12 to upgrades +1ms | |
snyk + adding mixin-deep@1.3.2 to upgrades +1ms | |
snyk + adding set-value@2.0.1 to upgrades +1ms | |
snyk + adding lodash@4.17.12 to upgrades +1ms | |
snyk + adding lodash@4.17.12 to upgrades +1ms | |
snyk final show SNYK-JS-LODASH-450202 when true +125ms | |
? ✗ 46 High vulnerabilities introduced via babel-cli@6.26.0 | |
Info: https://snyk.io/package/npm/babel-cli/6.26.0 | |
Remediation options Re-install babel-cli@6.26.0 | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +4s | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +4ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +1ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +1ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk final show SNYK-JS-LODASH-450202 when true +0ms | |
? ✗ 12 High vulnerabilities introduced via babel-plugin-transform-class-properties@6.24.1 | |
Info: https://snyk.io/package/npm/babel-plugin-transform-class-properties/6.24.1 | |
Remediation options Re-install babel-plugin-transform-class-properties@6.24.1 | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +5s | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +2ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk final show SNYK-JS-LODASH-450202 when true +9ms | |
? ✗ 137 High vulnerabilities introduced via babel-preset-env@1.7.0 | |
Info: https://snyk.io/package/npm/babel-preset-env/1.7.0 | |
Remediation options Re-install babel-preset-env@1.7.0 | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +12s | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +3ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +3ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +3ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +4ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +8ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +5ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +2ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +3ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk final show SNYK-JS-MIXINDEEP-450212 when true +0ms | |
? ✗ 33 High vulnerabilities introduced via chokidar@2.0.4 | |
Info: https://snyk.io/package/npm/chokidar/2.0.4 | |
Remediation options Re-install chokidar@2.0.4 | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +4s | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +1ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +1ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +4ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +0ms | |
snyk no group answer: show SNYK-JS-MIXINDEEP-450212 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +5ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +5ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +3ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +1ms | |
snyk no group answer: show SNYK-JS-SETVALUE-450213 when false +0ms | |
snyk final show SNYK-JS-LODASH-450202 when true +0ms | |
? ✗ High severity vuln found in lodash@4.17.11, introduced via cypress@3.1.5 | |
Description: Prototype Pollution | |
Info: https://snyk.io/vuln/SNYK-JS-LODASH-450202 | |
From: cypress@3.1.5 > getos@3.1.0 > async@2.4.0 > lodash@4.17.11 | |
Remediation options Re-install cypress@3.1.5 | |
snyk final show SNYK-JS-LODASH-450202 when true +3s | |
? ✗ 3 High vulnerabilities introduced via pug@2.0.3 | |
Info: https://snyk.io/package/npm/pug/2.0.3 | |
Remediation options Re-install pug@2.0.3 | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +2s | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk final show SNYK-JS-LODASH-450202 when true +0ms | |
? ✗ 5 High vulnerabilities introduced via snyk@1.199.2 | |
Info: https://snyk.io/package/npm/snyk/1.199.2 | |
Remediation options Re-install snyk@1.199.2 | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +2s | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +1ms | |
snyk no group answer: show SNYK-JS-LODASH-450202 when false +0ms | |
snyk final show SNYK-JS-LODASH-450202 when true +0ms | |
? ✗ High severity vuln found in lodash@4.17.11, introduced via winston@3.1.0 | |
Description: Prototype Pollution | |
Info: https://snyk.io/vuln/SNYK-JS-LODASH-450202 | |
From: winston@3.1.0 > async@2.6.1 > lodash@4.17.11 | |
Remediation options Re-install winston@3.1.0 | |
snyk getPatchPrompts +2s | |
snyk getIgnorePrompts +24ms | |
snyk { ignore: [], | |
snyk update: | |
snyk [ { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod', | |
snyk grouped: [Object] }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod', | |
snyk grouped: [Object] }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod', | |
snyk grouped: [Object] }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-20T09:34:56.241544Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T09:34:10Z', | |
snyk fixedIn: [Array], | |
snyk functions: [Array], | |
snyk functions_new: [Array], | |
snyk id: 'SNYK-JS-MIXINDEEP-450212', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-06-25T17:39:05.311041Z', | |
snyk moduleName: 'mixin-deep', | |
snyk packageManager: 'npm', | |
snyk packageName: 'mixin-deep', | |
snyk patches: [], | |
snyk publicationTime: '2019-06-20T09:34:08Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: false, | |
snyk name: 'mixin-deep', | |
snyk version: '1.3.1', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/mixin-deep/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod', | |
snyk grouped: [Object] }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod' }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod', | |
snyk grouped: [Object] }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod', | |
snyk grouped: [Object] }, | |
snyk { CVSSv3: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L', | |
snyk alternativeIds: [], | |
snyk creationTime: '2019-06-19T12:04:21.040000Z', | |
snyk cvssScore: 7.3, | |
snyk disclosureTime: '2019-06-19T11:45:02Z', | |
snyk fixedIn: [Array], | |
snyk functions: [], | |
snyk functions_new: [], | |
snyk id: 'SNYK-JS-LODASH-450202', | |
snyk identifiers: [Object], | |
snyk language: 'js', | |
snyk modificationTime: '2019-07-10T08:12:59.719272Z', | |
snyk moduleName: 'lodash', | |
snyk packageManager: 'npm', | |
snyk packageName: 'lodash', | |
snyk patches: [Array], | |
snyk publicationTime: '2019-07-02T11:45:01Z', | |
snyk references: [Array], | |
snyk semver: [Object], | |
snyk severity: 'high', | |
snyk title: 'Prototype Pollution', | |
snyk from: [Array], | |
snyk upgradePath: [Array], | |
snyk isUpgradable: true, | |
snyk isPatchable: true, | |
snyk name: 'lodash', | |
snyk version: '4.17.11', | |
snyk nearestFixedInVersion: undefined, | |
snyk __filename: | |
snyk '/home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/node_modules/lodash/package.json', | |
snyk shrinkwrap: undefined, | |
snyk bundled: undefined, | |
snyk parentDepType: 'prod' } ], | |
snyk patch: [], | |
snyk skip: [] } +35s | |
snyk to upgrade { prod: | |
[ 'babel-cli@6.26.0', | |
'babel-plugin-transform-class-properties@6.24.1', | |
'babel-preset-env@1.7.0', | |
'chokidar@2.0.4', | |
'cypress@3.1.5', | |
'pug@2.0.3', | |
'snyk@1.199.2', | |
'winston@3.1.0' ] } +0ms | |
snyk to uninstall [ 'babel-cli', | |
'babel-plugin-transform-class-properties', | |
'babel-preset-env', | |
'chokidar', | |
'cypress', | |
'pug', | |
'snyk', | |
'winston' ] +1ms | |
snyk /home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv$ npm uninstall --save babel-cli babel-plugin-transform-class-properties babel-preset-env chokidar cypress pug snyk winston +0ms | |
snyk npm uninstall --save complete +21s | |
snyk /home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv$ npm install --save babel-cli@6.26.0 babel-plugin-transform-class-properties@6.24.1 babel-preset-env@1.7.0 chokidar@2.0.4 cypress@3.1.5 pug@2.0.3 snyk@1.199.2 winston@3.1.0 +0ms | |
snyk npm install --save complete +48s | |
Applying updates using npm... | |
snyk { | |
snyk "version": "v1.13.5", | |
snyk "ignore": { | |
snyk "npm:braces:20180219": [ | |
snyk { | |
snyk "babel-cli > chokidar > anymatch > micromatch > braces": { | |
snyk "reason": "None available", | |
snyk "expires": "2019-08-24T14:56:04.363Z" | |
snyk } | |
snyk } | |
snyk ], | |
snyk "SNYK-JS-LODASH-450202": [ | |
snyk { | |
snyk "cypress > lodash": { | |
snyk "reason": "None available", | |
snyk "expires": "2019-08-24T14:56:04.363Z" | |
snyk } | |
snyk } | |
snyk ] | |
snyk }, | |
snyk "patch": { | |
snyk "SNYK-JS-LODASH-450202": [ | |
snyk { | |
snyk "cypress > lodash": { | |
snyk "patched": "2019-07-25T13:58:55.707Z" | |
snyk } | |
snyk } | |
snyk ] | |
snyk }, | |
snyk "__modified": "2019-07-25T14:57:10.725Z", | |
snyk "__created": "2019-07-25T14:57:10.725Z", | |
snyk "__filename": ".snyk" | |
snyk } +0ms | |
Saving .snyk policy file... | |
snyk snyk version: 1.199.2 +1m | |
snyk /home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv$ npm install --save snyk +501ms | |
snyk npm install --save complete +37s | |
Updating package.json... | |
snyk running monitor +37s | |
snyk Analyzing npm dependencies for /home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/package-lock.json +0ms | |
snyk sending request to: https://snyk.io/api/v1/monitor/npm +2mrst-spa-pwa/packages/lambdaSrv/package-lock.json | |
snyk request body size: 711415 +2ms | |
snyk gzipped request body size: 26317 +1ms | |
snyk not using proxy +0ms | |
Remembering current dependencies for future notifications... | |
Your .snyk policy file has been successfully updated. | |
To review your policy, run `snyk policy`. | |
You can see a snapshot of your dependencies here: | |
https://snyk.io/org/martinhbramwell/monitor/bcae1852-55b0-48b0-98c5-834be7cc46b9 | |
We'll notify you when relevant new vulnerabilities are disclosed. | |
snyk analytics { args: | |
[ { debug: true, | |
org: null, | |
ignoreDisabled: false, | |
traverseNodeModules: false, | |
packageManager: 'npm', | |
file: 'package-lock.json', | |
packageLeading: '', | |
packageTrailing: '' } ], | |
command: 'wizard', | |
metadata: | |
{ payloadSize: [ 2, 193699, 711415 ], | |
gzippedPayloadSize: [ 22, 30043, 26317 ], | |
'inline-auth': true, | |
'start-over': false, | |
local: [ true, true, true ], | |
'generating-node-dependency-tree': [ [Object], [Object] ], | |
pluginName: 'snyk-nodejs-lockfile-parser', | |
policies: 2, | |
packageManager: [ 'npm', 'npm' ], | |
packageName: '@offsppwa-vue/lambdaSrv', | |
packageVersion: '0.0.1', | |
package: '@offsppwa-vue/lambdaSrv@0.0.1', | |
depGraph: true, | |
isDocker: false, | |
'vulns-pre-policy': 240, | |
vulns: 238, | |
answers: | |
[ [Object], | |
[Object], | |
[Object], | |
[Object], | |
[Object], | |
[Object], | |
[Object], | |
[Object] ], | |
'add-snyk-test': undefined, | |
'add-snyk-protect': undefined, | |
targetBranch: 'invoices' }, | |
version: '1.199.2', | |
os: 'Linux 4.15', | |
nodeVersion: 'v11.11.0', | |
id: 'f47177679a924bf8ed6d8817c3f2ce434686f5d8', | |
ci: false, | |
durationMs: 169299 } +0ms | |
snyk sending request to: https://snyk.io/api/v1/analytics/cli +5s | |
snyk request body size: 2176 +1ms | |
snyk gzipped request body size: 841 +0ms | |
snyk not using proxy +0ms | |
| Analyzing npm dependencies for /home/you/services/vue-offlinefirst-spa-pwa/packages/lambdaSrv/package-lock.json |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment