Merge pull request #92 from spences10/snyk-fix-ef503a1c

[Snyk Update] New fixes for 2 vulnerable dependency paths
spences10 · Jan 13, 2018 · d88fa9d · d88fa9d
2 parents 0eb643e + 7ab318a
commit d88fa9d
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 3 deletions.
diff --git a/.snyk b/.snyk
@@ -0,0 +1,11 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.10.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:debug:20170905':
+    - gatsby-plugin-favicon > favicons-webpack-plugin > favicons > node-rest-client > debug:
+        patched: '2018-01-13T15:46:26.153Z'
+  'npm:ms:20170412':
+    - gatsby-plugin-favicon > favicons-webpack-plugin > favicons > node-rest-client > debug > ms:
+        patched: '2018-01-13T15:46:26.153Z'
diff --git a/package.json b/package.json
@@ -18,7 +18,8 @@
     "gatsby-source-filesystem": "1.5.11",
     "gatsby-transformer-remark": "1.7.28",
     "react-helmet": "5.2.0",
-    "styled-components": "2.4.0"
+    "styled-components": "2.4.0",
+    "snyk": "^1.68.0"
   },
   "devDependencies": {
     "eslint": "4.15.0",
@@ -46,7 +47,9 @@
     "deploy": "now scottblog/ --token $NOW_TOKEN",
     "alias:dev": "now alias scottspence.now.sh --token $NOW_TOKEN",
     "alias:prod": "now alias blog.scottspence.me --token $NOW_TOKEN",
-    "cleanup": "now rm scottblog --safe --yes --token $NOW_TOKEN"
+    "cleanup": "now rm scottblog --safe --yes --token $NOW_TOKEN",
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
   },
   "repository": {
     "type": "git",
@@ -55,5 +58,6 @@
   "bugs": {
     "url": "https://github.com/spences10/blog.scottspence.me/issues"
   },
-  "homepage": "https://github.com/spences10/blog.scottspence.me#readme"
+  "homepage": "https://github.com/spences10/blog.scottspence.me#readme",
+  "snyk": true
 }