From 2f02e5271696f3651e476a9376db10b41add2f23 Mon Sep 17 00:00:00 2001
From: Eva Sarafianou <eva.sarafianou@gmail.com>
Date: Tue, 23 Oct 2018 12:38:12 +0100
Subject: [PATCH] Fix snyk (#23)

* Fix .snyk format

* Add snyk to fail test on new vulnerabilities
---
 .snyk        |  6 +++---
 package.json | 11 ++++++-----
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/.snyk b/.snyk
index 67baca2..0fdf2c7 100644
--- a/.snyk
+++ b/.snyk
@@ -2,10 +2,10 @@
 version: v1.12.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
-  chownr@1.0.1:
-    - '*':
+  'npm:chownr:20180731':
+    - bcrypt > node-pre-gyp > tar > chownr:
         reason: >-
           It does not affect us. bcrypt doesnt use the vulnerable dependency in
           runtime, just when installing
-        expires: 2020-01-01T00:00:00.000Z
+        expires: '2020-01-01T00:00:00.000Z'
 patch: {}
diff --git a/package.json b/package.json
index 9aedbe1..be80e5f 100644
--- a/package.json
+++ b/package.json
@@ -5,17 +5,18 @@
   "main": "magic.js",
   "license": "MIT",
   "repository": {
-	  "type": "git",
-	  "url": "https://github.com/auth0/magic.git"
+    "type": "git",
+    "url": "https://github.com/auth0/magic.git"
   },
   "dependencies": {
     "bcrypt": "3.0.0",
     "libsodium-wrappers-sumo": "0.7.3"
   },
   "scripts": {
-    "test": "./node_modules/.bin/mocha --delay ./test/magic.test.js ./test/magic.test.vectors.js"
+    "test": "snyk test && ./node_modules/.bin/mocha --delay ./test/magic.test.js ./test/magic.test.vectors.js"
   },
   "devDependencies": {
-    "mocha": "^5.1.1"
+    "mocha": "^5.1.1",
+    "snyk": "^1.104.2"
   }
-}
+}
\ No newline at end of file