fix: .snyk, package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202

fix: .snyk, package.json & package-lock.json to reduce vulnerabilities
e0fde2a7 · snyk-test · 8c269030 · e0fde2a7 · e0fde2a7 · e0fde2a7
Commit e0fde2a7 authored 5 years ago by snyk-test
--- a/.snyk
+++ b/.snyk
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-450202:
+    - lodash:
+        patched: '2019-07-03T22:35:04.771Z'
+    - winston > async > lodash:
+        patched: '2019-07-03T22:35:04.771Z'
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -13,7 +13,9 @@
    "lint-fix": "eslint . --fix",
    "start": "node cli.js",
    "test": "npm run lint && jasmine",
-    "cover": "istanbul cover --root lib --print detail jasmine"
+    "cover": "istanbul cover --root lib --print detail jasmine",
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
  },
  "dependencies": {
    "ajv": "^6.5.4",
@@ -29,7 +31,8 @@
    "prettier": "^1.17.0",
    "readdirp": "^2.1.0",
    "valid-url": "1.0.9",
-    "winston": "^3.1.0"
+    "winston": "^3.1.0",
+    "snyk": "^1.189.0"
  },
  "devDependencies": {
    "@semantic-release/changelog": "^3.0.2",
@@ -68,5 +71,6 @@
    "ghooks": {
      "pre-commit": "npx lint-staged"
    }
-  }
+  },
+  "snyk": true
 }