From 3ab548d09f35a6a9e0ee78f2df9d4f4a8b634da3 Mon Sep 17 00:00:00 2001
From: "Jennifer.Shepherd"
Date: Tue, 28 May 2019 17:16:21 +0100
Subject: [PATCH] Add Snyk to app

So that our repos avoid exposure to security vunerabilities, Snyk will monitor them for us.
---
 .circleci/config.yml | 1 +
 .snyk | 4 ++++
 package.json | 6 ++++--
 3 files changed, 9 insertions(+), 2 deletions(-)
 create mode 100644 .snyk

diff --git a/.circleci/config.yml b/.circleci/config.yml
index d495de4..4322685 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -112,6 +112,7 @@ jobs:
 - run:
 name: shared-helper / npm-store-auth-token
 command: .circleci/shared-helpers/helper-npm-store-auth-token
+ - run: npx snyk monitor --org=customer-products --project-name=Financial-Times/n-test
 - run:
 name: shared-helper / npm-version-and-publish-public
 command: .circleci/shared-helpers/helper-npm-version-and-publish-public
diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..861428b
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,4 @@
+# Snyk (https://snyk.io) policy file, which patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+patch: {}
diff --git a/package.json b/package.json
index a7b3230..6e7851b 100644
--- a/package.json
+++ b/package.json
@@ -10,7 +10,8 @@
 "test": "make test",
 "precommit": "node_modules/.bin/secret-squirrel",
 "commitmsg": "node_modules/.bin/secret-squirrel-commitmsg",
- "prepush": "make verify -j3"
+ "prepush": "make verify -j3",
+ "prepare": "npx snyk protect || npx snyk protect -d || true"
 },
 "repository": {
 "type": "git",
@@ -37,6 +38,7 @@
 "cookie-parser": "^1.4.3",
 "express": "^4.16.2",
 "jest": "^22.0.6",
- "jest-junit": "^5.1.0"
+ "jest-junit": "^5.1.0",
+ "snyk": "^1.168.0"
 }
 }
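Review bot: The added `npx snyk monitor` step depends on a Snyk API token that nothing in this hunk supplies; if it is not present in the environment or CircleCI context the job uses, the step fails and, because it sits immediately before the npm-version-and-publish helper, a failed step would presumably block publishing, so confirm where the token comes from or document it next to the step. Unlike its two neighbours the step has no `name:`, so it surfaces in the UI as the raw command line; `- run:` / `name: snyk monitor` / `command: npx snyk monitor --org=customer-products --project-name=Financial-Times/n-test` would match the sibling steps. Placed in this job it only runs on the publish path, so builds that never reach publishing are seemingly not monitored — worth confirming that is intended. The enclosing job definition starts outside the hunk.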
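Review bot: The new `prepare` script reaches `snyk` through `npx`, which by default fetches the package from the registry when it is not installed locally; `snyk` is added in the second hunk under what appears to be devDependencies (the key is outside the hunk), so an install that skips devDependencies would have the hook download and execute an unpinned `snyk` at install time rather than the `^1.168.0` declared here. The sibling scripts call `node_modules/.bin/...` directly, and `"prepare": "node_modules/.bin/snyk protect || node_modules/.bin/snyk protect -d || true"` keeps that pattern while never reaching for the registry (it then simply fails, masked by `|| true`, when snyk is absent). The trailing `|| true` means a broken, missing or failing `snyk protect` never surfaces, which is presumably deliberate so consumers' installs are not blocked, but it is worth noting in the description that `snyk protect` only applies patches listed in `.snyk`, which this commit ships with `patch: {}`, so the hook is currently a no-op.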