diff --git a/packages/reaction-logger/.snyk b/packages/reaction-logger/.snyk new file mode 100644 index 00000000000..a5e77e5935a --- /dev/null +++ b/packages/reaction-logger/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.12.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + 'npm:tunnel-agent:20170305': + - bunyan-loggly > loggly > request > tunnel-agent: + patched: '2018-06-26T00:01:51.776Z' diff --git a/packages/reaction-logger/package.json b/packages/reaction-logger/package.json index a9fb738c0de..8ab1e2d5335 100644 --- a/packages/reaction-logger/package.json +++ b/packages/reaction-logger/package.json @@ -16,6 +16,12 @@ "dependencies": { "bunyan": "^1.8.0", "bunyan-format": "0.2.1", - "bunyan-loggly": "0.0.5" - } + "bunyan-loggly": "0.0.5", + "snyk": "^1.85.0" + }, + "scripts": { + "snyk-protect": "snyk protect", + "prepare": "npm run snyk-protect" + }, + "snyk": true }