diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..efa2b84
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - copy-webpack-plugin > lodash:
+        patched: '2020-05-01T05:18:26.151Z'
+    - html-webpack-plugin > lodash:
+        patched: '2020-05-01T05:18:26.151Z'
diff --git a/package.json b/package.json
index 4333dfb..9e2b3cf 100644
--- a/package.json
+++ b/package.json
@@ -19,7 +19,9 @@
     "cssfmt": "cssfmt www/css/main.css && git add www/css/main.css",
     "deploy": "gh-pages -d dist -b master",
     "pkg": "webpack -p",
-    "start": "foreman start"
+    "start": "foreman start",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "dependencies": {
     "copy-webpack-plugin": "^3.0.1",
@@ -30,11 +32,12 @@
     "html-loader": "^0.4.3",
     "html-webpack-plugin": "^2.22.0",
     "image-webpack-loader": "^2.0.0",
-    "jquery": "^2.2.2",
+    "jquery": "^3.5.0",
     "style-loader": "^0.13.1",
     "typed.js": "^1.1.1",
     "url-loader": "^0.5.7",
-    "webpack": "^1.13.1"
+    "webpack": "^1.13.1",
+    "snyk": "^1.316.1"
   },
   "devDependencies": {
     "cssfmt": "^2.1.5",
@@ -43,5 +46,6 @@
   },
   "pre-commit": [
     "cssfmt"
-  ]
+  ],
+  "snyk": true
 }