From bf5d9aff581e9a393525bd9fbead8a8df79dc617 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 5 Oct 2022 19:36:01 +0000
Subject: [PATCH] fix: package/npm/package.json, package/npm/package-lock.json & package/npm/.snyk to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 package/npm/.snyk | 8 ++++++++
 package/npm/package-lock.json | 5 +++++
 package/npm/package.json | 11 +++++++----
 3 files changed, 20 insertions(+), 4 deletions(-)
 create mode 100644 package/npm/.snyk
diff --git a/package/npm/.snyk b/package/npm/.snyk
new file mode 100644
index 0000000..e8c4c9c
--- /dev/null
+++ b/package/npm/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ SNYK-JS-LODASH-567746:
+ - binwrap > request-promise > request-promise-core > lodash:
+ patched: '2022-10-05T19:35:55.991Z'
diff --git a/package/npm/package-lock.json b/package/npm/package-lock.json
index 3ebe3a5..a368fc1 100644
--- a/package/npm/package-lock.json
+++ b/package/npm/package-lock.json
@@ -4,6 +4,11 @@
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
+ "@snyk/protect": {
+ "version": "1.1022.0",
+ "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1022.0.tgz",
+ "integrity": "sha512-ASix6hXE9b3lgWovJjpxkx6W57pyqsB67ISxQIomLUd+XHeDodnhM3nsHJwQj8hVRWZwoHoYmnZKy9DgUg0q8w=="
+ },
 "ajv": {
 "version": "6.10.0",
 "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz",
diff --git a/package/npm/package.json b/package/npm/package.json
index 38a05dd..93775a3 100644
--- a/package/npm/package.json
+++ b/package/npm/package.json
@@ -9,9 +9,10 @@
 "main": "index.js",
 "scripts": {
 "install": "npx binwrap-install",
- "prepare": "npx binwrap-prepare",
+ "prepare": "npm run snyk-protect && npx binwrap-prepare",
 "test": "npx binwrap-test",
- "prepublish": "npm test"
+ "prepublish": "npm test",
+ "snyk-protect": "snyk-protect"
 },
 "repository": {
 "type": "git",
@@ -35,7 +36,9 @@
 "jetpack": "bin/jetpack"
 },
 "dependencies": {
- "binwrap": "0.2.1"
+ "binwrap": "0.2.1",
+ "@snyk/protect": "latest"
 },
- "devDependencies": {}
+ "devDependencies": {},
+ "snyk": true
 }
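Review bot: Running `snyk-protect` from `prepare` in the scripts block patches lodash only in the tree where `prepare` runs. npm runs that script on a local install and before pack/publish, not when a consumer installs the published tarball. The `install` script (`npx binwrap-install`) is unchanged, so a registry install presumably still resolves and loads the unpatched lodash through `binwrap > request-promise > request-promise-core`. If the goal is to protect users of this package, the dependency that pulls in lodash has to be upgraded or replaced. As it stands, the commit description should say the patch covers the maintainer's checkout only, and `npm ls lodash` on a fresh registry install would confirm what consumers actually get.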
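Review bot: `"@snyk/protect": "latest"` in the dependencies block leaves a tool that rewrites files under `node_modules` unpinned, and placing it in `dependencies` makes every consumer of the package install it. package-lock.json pins 1.1022.0, but that lockfile is not shipped with a published package, so a registry install resolves whatever `latest` points to at install time. Since the tool is only invoked from `prepare`, I would move it out of `dependencies` and pin it to the locked version: `"devDependencies": { "@snyk/protect": "1.1022.0" }`.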