From 2827bf4c15b84d6ccdec455001fa3ff10aeb29b1 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 28 Mar 2022 16:10:28 +0000
Subject: [PATCH] fix: package.json, package-lock.json & .snyk to reduce
 vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 .snyk             | 12 ++++++++++++
 package-lock.json |  5 +++++
 package.json      | 10 +++++++---
 3 files changed, 24 insertions(+), 3 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..2800ece
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - jshint > lodash:
+        patched: '2022-03-28T16:10:22.003Z'
+    - node-sass > sass-graph > lodash:
+        patched: '2022-03-28T16:10:22.003Z'
+    - node-sass > gaze > globule > lodash:
+        patched: '2022-03-28T16:10:22.003Z'
diff --git a/package-lock.json b/package-lock.json
index 2ff2add..82e9c50 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4,6 +4,11 @@
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
+    "@snyk/protect": {
+      "version": "1.885.0",
+      "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.885.0.tgz",
+      "integrity": "sha512-l4DJ69TV4trzce2WAgBUfgfUu910nZ5H5pNg/K3VzuO0j4PBADucrD5SA91PngAn+etNTaBmpiWy1hqJuveS/g=="
+    },
     "abbrev": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz",
diff --git a/package.json b/package.json
index f3ea9b5..d09a1f9 100644
--- a/package.json
+++ b/package.json
@@ -4,7 +4,9 @@
   "description": "A boilerplate frontend",
   "main": "index.js",
   "scripts": {
-    "start": "nodemon --watch scss --watch js --watch build -e js,scss index.js"
+    "start": "nodemon --watch scss --watch js --watch build -e js,scss index.js",
+    "prepare": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "repository": {
     "type": "git",
@@ -30,6 +32,8 @@
     "nodemon": "^1",
     "uglify-js": "^3",
     "jshint": "^2",
-    "colors": "^1"
-  }
+    "colors": "^1",
+    "@snyk/protect": "latest"
+  },
+  "snyk": true
 }