diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..85fac50 --- /dev/null +++ b/.snyk @@ -0,0 +1,22 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.7.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:minimatch:20160620': + - gulp > vinyl-fs > glob-stream > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp-nodemon > gulp > vinyl-fs > glob-stream > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp > vinyl-fs > glob-stream > glob > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp-nodemon > gulp > vinyl-fs > glob-stream > glob > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp > vinyl-fs > glob-watcher > gaze > globule > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp-nodemon > gulp > vinyl-fs > glob-watcher > gaze > globule > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp > vinyl-fs > glob-watcher > gaze > globule > glob > minimatch: + patched: '2017-10-11T13:57:44.918Z' + - gulp-nodemon > gulp > vinyl-fs > glob-watcher > gaze > globule > glob > minimatch: + patched: '2017-10-11T13:57:44.918Z' diff --git a/package.json b/package.json index 4bfabfd..ae54988 100644 --- a/package.json +++ b/package.json @@ -11,12 +11,15 @@ "mongodb": "^2.0.46", "querystring": "^0.2.0", "request": "^2.65.0", - "underscore": "^1.8.3" + "underscore": "^1.8.3", + "snyk": "^1.42.6" }, "devDependencies": {}, "scripts": { "test": "echo \"Error: no test specified\" && exit 1", - "start": "node server.js" + "start": "node server.js", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" }, "repository": { "type": "git", @@ -34,5 +37,6 @@ "bugs": { "url": "https://github.com/team-photon/business-landing/issues" }, - "homepage": "https://github.com/team-photon/business-landing#readme" + "homepage": "https://github.com/team-photon/business-landing#readme", + "snyk": true }