fix: .snyk, package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202
2024-11-22 08:01:02 +01:00 · 2019-07-03 21:07:16 +00:00 · 2019-07-03 21:07:16 +00:00 · 2e5172b3d6
commit 2e5172b3d6
parent 26209e9fab
3 changed files with 2122 additions and 143 deletions
--- a/.snyk
+++ b/.snyk
@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-450202:
+    - restify > lodash:
+        patched: '2019-07-03T21:06:51.075Z'
+    - restify > restify-errors > lodash:
+        patched: '2019-07-03T21:06:51.075Z'
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -11,7 +11,8 @@
    "mjpeg-server": "^0.3.0",
    "pi-spi": "^1.0.3",
    "restify": "^6.4.0",
-    "vm2": "^3.6.10"
+    "vm2": "^3.6.10",
+    "snyk": "^1.189.0"
  },
  "devDependencies": {
    "eslint": "^4.19.1",
@ -20,7 +21,9 @@
  },
  "scripts": {
    "test": "jest --forceExit",
-    "lint": "./node_modules/.bin/eslint drivers/* controllers/*"
+    "lint": "./node_modules/.bin/eslint drivers/* controllers/*",
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
  },
  "jest": {
    "name": "pixdisp",
@ -36,5 +39,6 @@
      "drivers/**",
      "controllers/**"
    ]
-  }
+  },
+  "snyk": true
 }