From 2ef2a88909d9a1c546a16debf3adfcce237632a9 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 8 Dec 2018 05:20:55 +0000
Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-72573
- https://snyk.io/vuln/npm:cryptiles:20180710
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:deep-extend:20180409
- https://snyk.io/vuln/npm:extend:20180424
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:sshpk:20180409
- https://snyk.io/vuln/npm:stringstream:20180511
- https://snyk.io/vuln/npm:tough-cookie:20170905


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:hoek:20180212
---
 .snyk        | 22 ++++++++++++++++++++++
 package.json | 10 +++++++---
 2 files changed, 29 insertions(+), 3 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..b373820
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,22 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:hoek:20180212':
+    - watchify > chokidar > fsevents > node-pre-gyp > hawk > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - babel-cli > chokidar > fsevents > node-pre-gyp > hawk > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - babel-cli > chokidar > fsevents > node-pre-gyp > hawk > boom > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - watchify > chokidar > fsevents > node-pre-gyp > hawk > boom > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - babel-cli > chokidar > fsevents > node-pre-gyp > hawk > sntp > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - watchify > chokidar > fsevents > node-pre-gyp > hawk > sntp > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - watchify > chokidar > fsevents > node-pre-gyp > hawk > cryptiles > boom > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
+    - babel-cli > chokidar > fsevents > node-pre-gyp > hawk > cryptiles > boom > hoek:
+        patched: '2018-12-08T05:20:53.861Z'
diff --git a/package.json b/package.json
index eb86190..e6b41f1 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,9 @@
     "test": "echo \"Error: no test specified\" && exit 1",
     "watch": "watchify . -d -v -o bundle.main.js",
     "start": "sed 's|bundle.min.js|bundle.main.js|g' index.html -i && http-server -p 3000 .",
-    "dist": "sed 's|bundle.main.js|bundle.min.js|g' index.html -i && browserify . -d | babel -s inline -f bundle.min.js --presets es2015 | uglifyjs --source-map content=inline,url=bundle.min.js.map --compress -o bundle.min.js"
+    "dist": "sed 's|bundle.main.js|bundle.min.js|g' index.html -i && browserify . -d | babel -s inline -f bundle.min.js --presets es2015 | uglifyjs --source-map content=inline,url=bundle.min.js.map --compress -o bundle.min.js",
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
   },
   "keywords": [
     "zeronet",
@@ -44,6 +46,8 @@
     "moment": "^2.20.1",
     "uglify-js": "^3.3.12",
     "watchify": "^3.10.0",
-    "zeronet": "github:ZeroNetJS/zeronet-js"
-  }
+    "zeronet": "github:ZeroNetJS/zeronet-js",
+    "snyk": "^1.116.2"
+  },
+  "snyk": true
 }