From 67aed58815e7c850b7b6d9a79390f34f2505fd56 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Mon, 17 Jan 2022 14:27:06 +0000
Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-174183
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742
- https://snyk.io/vuln/SNYK-JS-JQUERY-174006
- https://snyk.io/vuln/SNYK-JS-JQUERY-565129
- https://snyk.io/vuln/SNYK-JS-JQUERY-567880
- https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090599
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090600
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090601
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090602
- https://snyk.io/vuln/SNYK-JS-WS-1296835
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1255647
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:validator:20180218

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:ms:20170412
---
 .snyk | 15 +++++++++++++++
 package.json | 16 ++++++++++------
 2 files changed, 25 insertions(+), 6 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..42d15a3
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,15 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:debug:20170905':
+ - socket.io-client > engine.io-client > debug:
+ patched: '2022-01-17T14:27:03.277Z'
+ - socket.io-client > socket.io-parser > debug:
+ patched: '2022-01-17T14:27:03.277Z'
+ 'npm:ms:20170412':
+ - socket.io-client > engine.io-client > debug > ms:
+ patched: '2022-01-17T14:27:03.277Z'
+ - socket.io-client > socket.io-parser > debug > ms:
+ patched: '2022-01-17T14:27:03.277Z'
diff --git a/package.json b/package.json
index 27ea164..a1bbf7f 100644
--- a/package.json
+++ b/package.json
@@ -7,7 +7,9 @@
 "start": "electron main.js",
 "commit": "git cz",
 "lint": "eslint .",
- "fix-code": "eslint . --fix"
+ "fix-code": "eslint . --fix",
+ "prepublish": "npm run snyk-protect",
+ "snyk-protect": "snyk-protect"
 },
 "repository": {
 "type": "git",
@@ -27,14 +29,16 @@
 "dependencies": {
 "backbone": "^1.3.2",
 "configstore": "^3.0.0",
- "handlebars": "^4.0.5",
- "jquery": "^3.1.1",
- "socket.io-client": "^2.0.0",
- "validator": "^7.0.0"
+ "handlebars": "^4.7.7",
+ "jquery": "^3.5.0",
+ "socket.io-client": "^2.4.0",
+ "validator": "^13.7.0",
+ "@snyk/protect": "latest"
 },
 "config": {
 "commitizen": {
 "path": "./node_modules/cz-conventional-changelog"
 }
- }
+ },
+ "snyk": true
 }
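Review bot: The `prepublish` entry added to `scripts` in the first package.json hunk is the only thing that applies the `.snyk` patches for `debug` and `ms`, and `prepublish` is a deprecated lifecycle name in current npm. Any install run with `--ignore-scripts` skips the hook without an error, so the patched state of `node_modules` is not guaranteed by this change alone. I would use the `prepare` hook instead, `"prepare": "npm run snyk-protect",`, and have CI fail if the `snyk-protect` step does not run or exits non-zero.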
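Review bot: `"@snyk/protect": "latest"` in the `dependencies` hunk is an unpinned dist-tag for the package whose `snyk-protect` binary the new lifecycle script executes at install time. Without a committed lockfile, each fresh install resolves and runs whatever version was published most recently. Pin it to a reviewed version or range, e.g. `"@snyk/protect": "<reviewed-version>"`, and commit the lockfile so the resolved version and its integrity hash are fixed. Separately, `validator` jumps from `^7.0.0` to `^13.7.0`, several major versions at once; its call sites are outside this diff and should be checked against the validator changelog before merging.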