[Snyk] Fix for 1 vulnerabilities (#43)

* fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 * fix: package.json & .snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 Co-authored-by: snyk-bot <[email protected]>
bdirs · Jun 8, 2020 · 1d630f9 · 1d630f9
1 parent e7b0083
commit 1d630f9
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/.snyk b/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - sequelize > lodash:
+        patched: '2020-05-01T04:40:16.810Z'
diff --git a/package.json b/package.json
@@ -13,7 +13,9 @@
     "db:migrate": "node_modules/.bin/sequelize db:migrate --migrations-path ./src/db/migrations",
     "test": "jest --detectOpenHandles --coverage  --forceExit",
     "clean": "rm -rf dist/",
-    "build": "yarn tsc"
+    "build": "yarn tsc",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "devDependencies": {
     "@sentry/node": "^5.5.0",
@@ -53,7 +55,7 @@
     "pg-hstore": "^2.3.3",
     "reflect-metadata": "^0.1.13",
     "sequelize": "^5.21.3",
-    "snyk": "^1.230.5",
+    "snyk": "^1.316.1",
     "uuid": "^3.3.3"
   },
   "engines": {