From ed95521008b6d27f730c10c5f808e22413ac977e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 10 Apr 2019 04:03:58 +0000
Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-173700
- https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889
- https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72890
- https://snyk.io/vuln/SNYK-JS-ELECTRON-174045
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/npm:angular:20180202
- https://snyk.io/vuln/npm:bootstrap:20160627
- https://snyk.io/vuln/npm:bootstrap:20180529
- https://snyk.io/vuln/npm:electron:20180123
- https://snyk.io/vuln/npm:electron:20180307
- https://snyk.io/vuln/npm:electron:20180323
- https://snyk.io/vuln/npm:electron:20180822
- https://snyk.io/vuln/npm:lodash:20180130


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:lodash:20180130
---
 .snyk        | 11 ++++++++++-
 package.json | 10 +++++-----
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/.snyk b/.snyk
index 70bbf6e..0bb58fd 100644
--- a/.snyk
+++ b/.snyk
@@ -1,8 +1,17 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.8.0
+version: v1.13.3
 ignore: {}
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   'npm:uglify-js:20151024':
     - owasp-threat-dragon-core > nools > uglify-js:
         patched: '2017-12-03T22:34:47.344Z'
+  'npm:lodash:20180130':
+    - owasp-threat-dragon-core > jointjs > lodash:
+        patched: '2019-04-10T04:03:56.798Z'
+    - owasp-threat-dragon-core > jointjs > graphlib > lodash:
+        patched: '2019-04-10T04:03:56.798Z'
+    - owasp-threat-dragon-core > jointjs > dagre > lodash:
+        patched: '2019-04-10T04:03:56.798Z'
+    - owasp-threat-dragon-core > jointjs > dagre > graphlib > lodash:
+        patched: '2019-04-10T04:03:56.798Z'
diff --git a/package.json b/package.json
index a3b4d60..1b6a91d 100644
--- a/package.json
+++ b/package.json
@@ -39,21 +39,21 @@
     "url": "git://github.com/mike-goodwin/owasp-threat-dragon-desktop.git"
   },
   "dependencies": {
-    "angular": "1.6.8",
+    "angular": "1.6.9",
     "angular-animate": "1.6.8",
     "angular-route": "1.6.8",
     "angular-ui-bootstrap": "2.5.6",
     "angular-xeditable": "0.8.1",
-    "bootstrap": "3.3.7",
-    "electron": "1.7.9",
+    "bootstrap": "3.4.1",
+    "electron": "2.0.18",
     "electron-debug": "1.4.0",
     "electron-squirrel-startup": "^1.0.0",
     "font-awesome": "4.7.0",
     "fs-promise": "2.0.3",
     "jquery": "3.0.0",
-    "lodash": "4.13.1",
+    "lodash": "4.17.11",
     "owasp-threat-dragon-core": "0.5.1",
-    "snyk": "^1.53.0"
+    "snyk": "^1.149.0"
   },
   "devDependencies": {
     "angular-mocks": "1.6.8",