fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:marked:20170907 Latest report for polonel/trudesk: https://snyk.io/test/github/polonel/trudesk
polonel · Oct 31, 2017 · 590ddef · 590ddef
1 parent 9dc6236
commit 590ddef
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 3 deletions.
diff --git a/.snyk b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.7.1
+version: v1.8.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
   'npm:ms:20170412':
@@ -55,3 +55,6 @@ patch:
         patched: '2017-10-17T23:24:34.128Z'
     - grunt-jsdoc > jsdoc > marked:
         patched: '2017-10-17T23:24:34.128Z'
+  'npm:marked:20170907':
+    - marked:
+        patched: '2017-10-31T23:21:19.994Z'
diff --git a/package.json b/package.json
@@ -12,7 +12,8 @@
     "webpackwatch": "webpack --config webpack.config.js --watch",
     "webpackdev": "webpack --config webpack.config.js",
     "webpackdist": "webpack --config webpack.config.dist.js",
-    "snyk-protect": "snyk protect"
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
   },
   "dependencies": {
     "ansi_up": "1.3.0",
@@ -79,7 +80,7 @@
     "sass-loader": "6.0.5",
     "script-loader": "0.7.0",
     "serve-favicon": "2.4.5",
-    "snyk": "^1.43.0",
+    "snyk": "^1.47.0",
     "socket.io": "2.0.2",
     "socket.io-client": "2.0.2",
     "style-loader": "0.17.0",