fix: package.json, package-lock.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
joyja · May 12, 2020 · f095035 · f095035
1 parent 62505be
commit f095035
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/.snyk b/.snyk
@@ -0,0 +1,14 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - lodash:
+        patched: '2020-05-12T19:32:45.673Z'
+    - graphql-yoga > graphql-import > lodash:
+        patched: '2020-05-12T19:32:45.673Z'
+    - winston > async > lodash:
+        patched: '2020-05-12T19:32:45.673Z'
+    - tentacle-sparkplug-client > winston > async > lodash:
+        patched: '2020-05-12T19:32:45.673Z'