From b12976c947da379c985336ef8090b0128248a555 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 25 Mar 2022 18:16:48 +0000
Subject: [PATCH] fix: package.json, package-lock.json & .snyk to reduce
 vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 .snyk             | 18 ++++++++++++++++++
 package-lock.json |  5 +++++
 package.json      | 10 +++++++---
 3 files changed, 30 insertions(+), 3 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..af77483
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,18 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - inquirer > lodash:
+        patched: '2022-03-25T18:16:28.739Z'
+    - '@babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/traverse > lodash':
+        patched: '2022-03-25T18:16:28.739Z'
+    - '@babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/traverse > lodash':
+        patched: '2022-03-25T18:16:28.739Z'
+    - '@babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/traverse > @babel/types > lodash':
+        patched: '2022-03-25T18:16:28.739Z'
+    - '@babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/traverse > @babel/helper-split-export-declaration > @babel/types > lodash':
+        patched: '2022-03-25T18:16:28.739Z'
+    - '@babel/plugin-transform-async-to-generator > @babel/helper-remap-async-to-generator > @babel/helper-wrap-function > @babel/traverse > @babel/helper-function-name > @babel/template > @babel/types > lodash':
+        patched: '2022-03-25T18:16:28.739Z'
diff --git a/package-lock.json b/package-lock.json
index 5218a29..57cfafa 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2662,6 +2662,11 @@
         "type-detect": "4.0.8"
       }
     },
+    "@snyk/protect": {
+      "version": "1.883.0",
+      "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.883.0.tgz",
+      "integrity": "sha512-N/EqG6P/qNYWOfuZAfGS1d7yGwGY4zV7AvKtgTzdhazDt7G/mRLG6czLSWNWGEFYBiMsYRVPHdc5It3bjhmIGw=="
+    },
     "@szmarczak/http-timer": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-1.1.2.tgz",
diff --git a/package.json b/package.json
index 98e88af..242acb9 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,9 @@
     "prepublishOnly": "npm run build:prod",
     "semantic-commit": "commit",
     "semantic-release": "semantic-release",
-    "travis-deploy-once": "travis-deploy-once"
+    "travis-deploy-once": "travis-deploy-once",
+    "prepare": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "license": "MIT",
   "repository": {
@@ -44,7 +46,8 @@
     "commander": "^5.1.0",
     "fuse.js": "^6.4.0",
     "inquirer": "^7.3.2",
-    "inquirer-autocomplete-prompt": "^1.0.2"
+    "inquirer-autocomplete-prompt": "^1.0.2",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "@babel/cli": "^7.8.4",
@@ -68,5 +71,6 @@
     "semantic-release": "^17.0.2",
     "travis-deploy-once": "^5.0.11",
     "utf-8-validate": "^5.0.2"
-  }
+  },
+  "snyk": true
 }