[Snyk] Fix for 1 vulnerabilities

.snyk

@@ -0,0 +1,156 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@testing-library/jest-dom > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@craco/craco > webpack-merge > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/services-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - styled-components > @babel/traverse > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > @babel/core > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > webpack-bundle-analyzer > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > eslint > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > eslint-plugin-flowtype > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > html-webpack-plugin > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > webpack-manifest-plugin > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - styled-components > babel-plugin-styled-components > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - styled-components > @babel/traverse > @babel/generator > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > @makerdao/services-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > @typescript-eslint/parser > @typescript-eslint/typescript-estree > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > async > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > web3-provider-engine > async > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > @makerdao/multicall > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > eslint > inquirer > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > eslint > table > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > optimize-css-assets-webpack-plugin > last-call-webpack-plugin > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > react-dev-utils > inquirer > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > webpack-dev-server > http-proxy-middleware > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > @svgr/webpack > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-walletconnect > @walletconnect/web3-subprovider > web3-provider-engine > async > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > async > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > webpack-dev-server > portfinder > async > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > @svgr/webpack > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - react-scripts > jest-environment-jsdom-fourteen > jsdom > request-promise-native > request-promise-core > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > lerna > @lerna/clean > @lerna/prompt > inquirer > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > lerna > @lerna/version > @lerna/conventional-commits > conventional-changelog-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > web3-provider-engine > eth-block-tracker > @babel/plugin-transform-runtime > @babel/helper-module-imports > @babel/types > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > lerna > @lerna/version > @lerna/conventional-commits > conventional-changelog-core > conventional-changelog-writer > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > lerna > @lerna/version > @lerna/conventional-commits > conventional-changelog-core > conventional-commits-parser > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-block-tracker > @babel/plugin-transform-runtime > @babel/helper-module-imports > @babel/types > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-walletconnect > @walletconnect/web3-subprovider > web3-provider-engine > eth-block-tracker > @babel/plugin-transform-runtime > @babel/helper-module-imports > @babel/types > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-types > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-traverse > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-template > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-classes > babel-helper-define-map > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-sticky-regex > babel-helper-regex > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-generator > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-trezor-web > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-register > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babelify > babel-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai > jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > request-promise-native > request-promise-core > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-types > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-types > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-types > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-traverse > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-traverse > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-traverse > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-template > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-template > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-block-scoping > babel-template > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-classes > babel-helper-define-map > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-classes > babel-helper-define-map > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-classes > babel-helper-define-map > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-sticky-regex > babel-helper-regex > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-sticky-regex > babel-helper-regex > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babel-preset-env > babel-plugin-transform-es2015-sticky-regex > babel-helper-regex > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-generator > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-generator > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babelify > babel-core > babel-generator > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@myetherwallet/dai-plugin-mewconnect > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-register > lodash':
+        patched: '2022-07-25T15:58:10.086Z'
+    - dai-plugin-dcent-web > @makerdao/dai > web3-provider-engine > eth-block-tracker > json-rpc-engine > babelify > babel-core > babel-register > lodash:
+        patched: '2022-07-25T15:58:10.086Z'
+    - '@makerdao/dai-plugin-portis > @portis/web3 > @portis/web3-provider-engine > eth-json-rpc-infura > json-rpc-engine > babelify > babel-core > babel-register > lodash':
+        patched: '2022-07-25T15:58:10.086Z'

package.json

@@ -63,7 +63,8 @@
     "reinspect": "^1.0.1",
     "styled-components": "^4.1.3",
     "styled-system": "^4.0.1",
-    "window-scroll-manager": "^1.1.4"
+    "window-scroll-manager": "^1.1.4",
+    "@snyk/protect": "latest"
   },
   "scripts": {
     "start": "NODE_ENV=development craco start",
@@ -75,18 +76,27 @@
     "ci": "yarn test --coverage",
     "now-build": "yarn build",
     "remove-sourcemaps": "rm -rf build/static/js/*.map",
-    "deploy-main": "./scripts/deploy-mainnet"
+    "deploy-main": "./scripts/deploy-mainnet",
+    "prepare": "yarn run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "engines": {
     "node": ">=10.x.x"
   },
   "lint-staged": {
-    "*.js": ["prettier --write --single-quote"]
+    "*.js": [
+      "prettier --write --single-quote"
+    ]
   },
   "eslintConfig": {
     "extends": "react-app"
   },
-  "browserslist": [">0.2%", "not dead", "not ie <= 11", "not op_mini all"],
+  "browserslist": [
+    ">0.2%",
+    "not dead",
+    "not ie <= 11",
+    "not op_mini all"
+  ],
   "devDependencies": {
     "@babel/plugin-proposal-class-properties": "^7.4.4",
     "@babel/plugin-proposal-optional-chaining": "^7.6.0",
@@ -108,5 +118,6 @@
     "wait-for-expect": "^1.1.1",
     "webpack-bundle-analyzer": "^3.0.3"
   },
-  "types": "./typings/main.d.ts"
+  "types": "./typings/main.d.ts",
+  "snyk": true
 }