From 9e749cf502677c9e91e8c1f0b09d7ac23fb52cb7 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 1 May 2020 07:20:48 +0200
Subject: [PATCH 1/2] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 package.json | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 532e057b..82aa7654 100644
--- a/package.json
+++ b/package.json
@@ -61,7 +61,9 @@
 "git-loc": "git ls-files | grep -v plantuml.jar | xargs cat | grep -v '^\\s*$' | wc -l ",
 "git-src": "git ls-files | grep -v plantuml.jar",
 "dep-local": "echo node_modules/* | xargs basename | sort -u | awk '{print $1}'",
- "dep-local-all": "find node_modules/ -iname node_modules | xargs /bin/ls -w1 | grep -v '^$' | grep -v 'node_modules' | sort -u | awk '{print $1}'"
+ "dep-local-all": "find node_modules/ -iname node_modules | xargs /bin/ls -w1 | grep -v '^$' | grep -v 'node_modules' | sort -u | awk '{print $1}'",
+ "snyk-protect": "snyk protect",
+ "prepublish": "npm run snyk-protect"
 },
 "dependencies": {
 "bluebird": "^3.4.6",
@@ -76,7 +78,8 @@
 "nodelib-mpe": "^0.0.6",
 "qs": "6.3.0",
 "request-promise": "^4.1.1",
- "semver": "^5.3.0"
+ "semver": "^5.3.0",
+ "snyk": "^1.316.1"
 },
 "optionalDependencies": {
 "bookshelf": "^0.10.2",
@@ -130,5 +133,6 @@
 "text-table": "latest",
 "webpack": "^1.13.3",
 "webpack-dev-server": "^1.16.2"
- }
+ },
+ "snyk": true
 }

From e83973358c0da111b09f2ef09ed3c02000e79b09 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 1 May 2020 07:20:49 +0200
Subject: [PATCH 2/2] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 .snyk | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.snyk b/.snyk
index ad46b762..555beb0b 100644
--- a/.snyk
+++ b/.snyk
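Review bot: In the `scripts` hunk of package.json, wiring `snyk protect` to `prepublish` patches only the `node_modules` tree of whoever runs that lifecycle script, so a consumer installing this package from the registry still resolves an unpatched lodash. `prepublish` also fires at different points depending on the npm major version, which makes it easy for the patch step to be skipped without anyone noticing; `"prepare": "npm run snyk-protect"` is the more predictable hook. The durable fix for SNYK-JS-LODASH-567746 is to raise the lodash range to a release that contains the fix and then delete the patch entry from `.snyk`. The `scripts` object starts above the hunk.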
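Review bot: The second package.json hunk adds `"snyk": "^1.316.1"` to `dependencies`, so every consumer of this package installs the Snyk CLI and its transitive tree even though the only caller visible here is the `prepublish` script, which runs on a maintainer or CI checkout. That widens the install-time supply-chain surface for downstream users, and the caret range lets any later 1.x release be resolved and executed from a lifecycle hook. Moving the entry to `devDependencies` should keep the patch step working on a development checkout without shipping the tool, and an exact version or a committed lockfile would pin what actually runs. The `dependencies` object starts above the hunk, and whether a lockfile exists is not visible here.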
@@ -1,3 +1,10 @@
-version: v1.5.2
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
 ignore: {}
-patch: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ SNYK-JS-LODASH-567746:
+ - lodash:
+ patched: '2020-05-01T05:20:45.219Z'
+ - request-promise > request-promise-core > lodash:
+ patched: '2020-05-01T05:20:45.219Z'
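Review bot: The `patch:` block covers only the two paths `lodash` and `request-promise > request-promise-core > lodash`, so any other nested copy of lodash in the installed tree would stay unpatched; package.json is only partly visible in this patch series, so this needs checking against a full dependency tree listing. The policy also records no condition for retiring the patch, which tends to leave install-time patching in place long after a plain upgrade is possible. I would add a comment above the entry such as `# temporary: remove once lodash is upgraded to a release that fixes SNYK-JS-LODASH-567746`.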