Merge pull request #1 from xtx1130/snyk-fix-b882b0207761de8a058e9e805…

…7a39008 [Snyk] Fix for 1 vulnerable dependencies
xtx1130 · Jul 4, 2019 · 4fcd979 · 4fcd979
2 parents c77edb6 + d108952
commit 4fcd979
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/.snyk b/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-450202:
+    - request-promise-native > request-promise-core > lodash:
+        patched: '2019-07-04T07:34:13.690Z'
diff --git a/package.json b/package.json
@@ -9,7 +9,9 @@
   "scripts": {
     "lint": "standard **/*.js --verbose --fix",
     "test": "cd ./test && NODE_ENV=test jest",
-    "benchmark": "cd ./test && NODE_ENV=benchmark node --expose-gc ../cluster.js"
+    "benchmark": "cd ./test && NODE_ENV=benchmark node --expose-gc ../cluster.js",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "keywords": [
     "proxy"
@@ -24,7 +26,8 @@
     "koa-router": "^7.4.0",
     "request": "^2.87.0",
     "request-promise-native": "^1.0.5",
-    "tough-cookie": "^2.3.4"
+    "tough-cookie": "^2.3.4",
+    "snyk": "^1.189.0"
   },
   "devDependencies": {
     "easy-monitor": "^2.2.2",
@@ -58,5 +61,6 @@
       "**/out/",
       "**/test/"
     ]
-  }
+  },
+  "snyk": true
 }