From 6ed7130d348fef642c7a7a77c6aad3af22abffbf Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 20 Dec 2017 13:14:43 +0000
Subject: [PATCH 1/2] fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:ms:20170412 - https://snyk.io/vuln/npm:ws:20171108 - https://snyk.io/vuln/npm:ms:20170412 - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:ws:20171108 The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:debug:20170905 - https://snyk.io/vuln/npm:ms:20170412 Latest report for jy95/p4ng: https://snyk.io/test/github/jy95/p4ng
---
.snyk | 11 +++++++++++
package.json | 14 +++++++++-----
2 files changed, 20 insertions(+), 5 deletions(-)
create mode 100644 .snyk
diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..8a4fc33
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,11 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.10.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:debug:20170905':
+ - socket.io > socket.io-adapter > socket.io-parser > debug:
+ patched: '2017-12-20T13:14:43.471Z'
+ 'npm:ms:20170412':
+ - socket.io > socket.io-adapter > socket.io-parser > debug > ms:
+ patched: '2017-12-20T13:14:43.471Z'
diff --git a/package.json b/package.json
index 9e1cdf8..0fe6e36 100644
--- a/package.json
+++ b/package.json
@@ -13,11 +13,12 @@
 "jsonwebtoken": "^7.2.1",
 "mongoose": "^4.7.2",
 "shelljs": "^0.7.5",
- "socket.io": "^1.5.1",
- "socket.io-client": "^1.6.0",
+ "socket.io": "2.0.2",
+ "socket.io-client": "2.0.2",
 "underscore": "^1.8.3",
 "uuid": "^3.0.0",
- "winston": "^2.3.0"
+ "winston": "^2.3.0",
+ "snyk": "^1.61.1"
 },
 "devDependencies": {
 "coveralls": "^2.11.15",
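Review bot: The two `patch:` entries in the new `.snyk` file are keyed to a single dependency path, `socket.io > socket.io-adapter > socket.io-parser > debug` (and `> ms` below it), while the same commit moves socket.io across a major version in package.json. If the installed tree no longer contains that exact path, the patch is presumably skipped, so the `patched:` timestamps alone do not show that the vulnerable code is gone. A comment above `patch:` such as `# patch paths are tied to the socket.io dependency tree; re-verify after any socket.io upgrade` would record that, and a scan after a clean install would confirm it.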
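Review bot: In the `dependencies` hunk of package.json (`@@ -13,11 +13,12 @@`), `"snyk": "^1.61.1"` puts a command-line tool into the runtime dependencies on a caret range, and the `prepublish` script added further down in this patch runs it at install time to modify files under node_modules. No lockfile is visible in this patch; if the project has none, each install may execute a different 1.x release of that tool. Pinning it, `"snyk": "1.61.1"`, or committing a lockfile keeps the install-time tooling reproducible. The `dependencies` object opens above the hunk, so its first entries are not visible here.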
@@ -31,7 +32,9 @@
 "startServer": "node src/server/launch-server.js",
 "cover": "istanbul cover node_modules/mocha/bin/_mocha -- -R spec test/test.js",
 "coveralls": "npm run cover -- --report lcovonly && cat ./coverage/lcov.info | coveralls",
- "packagerApp": "node scripts/packager-script.js"
+ "packagerApp": "node scripts/packager-script.js",
+ "snyk-protect": "snyk protect",
+ "prepublish": "npm run snyk-protect"
 },
 "repository": {
 "type": "git",
@@ -50,5 +53,6 @@
 "bugs": {
 "url": "https://github.com/jy95/P4ng/issues"
 },
- "homepage": "https://github.com/jy95/P4ng#readme"
+ "homepage": "https://github.com/jy95/P4ng#readme",
+ "snyk": true
 }
From 61d5693b50c0fac95cb27da54a83f9748c5f00d7 Mon Sep 17 00:00:00 2001
From: jy95
Date: Wed, 20 Dec 2017 14:32:12 +0100
Subject: [PATCH 2/2] Update socket io Trying to fix bugs introduced by socket io 2.0
---
package.json | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package.json b/package.json
index 0fe6e36..9e43a2e 100644
--- a/package.json
+++ b/package.json
@@ -13,8 +13,8 @@
 "jsonwebtoken": "^7.2.1",
 "mongoose": "^4.7.2",
 "shelljs": "^0.7.5",
- "socket.io": "2.0.2",
- "socket.io-client": "2.0.2",
+ "socket.io": "^2.0.4",
+ "socket.io-client": "^2.0.4",
 "underscore": "^1.8.3",
 "uuid": "^3.0.0",
 "winston": "^2.3.0",
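Review bot: In the `scripts` hunk of patch 1/2 (`@@ -31,7 +32,9 @@`), applying the `.snyk` patches depends entirely on the `prepublish` lifecycle hook, a name npm deprecated because it fires on local `npm install` as well as on publish. Lifecycle scripts do not run at all when an install uses `--ignore-scripts`, and in that case the `debug` and `ms` patches are never applied and nothing reports it. On npm 4 or later `"prepare": "npm run snyk-protect"` is the supported hook name, and a CI step that runs `snyk test` after install would make a skipped patch fail the build instead of passing silently. The `scripts` object opens above the hunk.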