[Snyk] Fix for 1 vulnerable dependencies

[snyk-bot]

Description

This PR fixes one or more vulnerable packages in the yarn dependencies of this project.
See the Snyk test report for more details.

Snyk Project: tngan/express-saml2:package.json

Snyk Organization: tngan

Lockfile

If you are using package-lock.json or yarn.lock, please re-lock your dependencies and push an updated lockfile before merging this PR.

Changes included in this PR

• A Snyk policy (.snyk) file, with updated settings.

Vulnerabilities that will be fixed

With a Snyk patch:

• SNYK-JS-LODASH-450202

You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

Check the changes in this PR to ensure they won't cause issues with your project.

Stay secure,
The Snyk team

Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix PRs. To review the settings for this Snyk project please go to the project settings page.

[coveralls]

Coverage remained the same at 86.612% when pulling 8c24793 on snyk-fix-0c750e0c61f1639c9af43a2299010e6b into 846ab75 on master.

[tngan]

Remarks: We already have a security monitoring service offered by github.