Merge pull request #1 from OOCAZ/snyk-fix-0378558bc99563cd54bfee57a4ca5c9b

OOCAZ · web-flow · commit f7b70bf9dcc0 · 2023-02-22T07:22:16.000-07:00
[Snyk] Fix for 1 vulnerabilities
diff --git a/.snyk b/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - inquirer > lodash:
+        patched: '2023-01-23T05:57:07.570Z'
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -13,7 +13,9 @@
     "create-react-library": "index.js"
   },
   "scripts": {
-    "test": "ava -v && standard *.js lib/*.js"
+    "test": "ava -v && standard *.js lib/*.js",
+    "prepare": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "keywords": [
     "react",
@@ -44,7 +46,8 @@
     "p-each-series": "^2.1.0",
     "parse-git-config": "^3.0.0",
     "validate-npm-package-name": "^3.0.0",
-    "which": "^2.0.2"
+    "which": "^2.0.2",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "ava": "^3.5.2",
@@ -58,5 +61,6 @@
       "index.test.js",
       "lib/**/*.test.js"
     ]
-  }
+  },
+  "snyk": true
 }
