fix: .snyk & package.json to reduce vulnerabilities (#9382)

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202
2020-01-31 05:59:31 +01:00 · 2020-01-31 05:59:31 +01:00 · 214a494a9d
commit 214a494a9d
parent 5db37f257d
2 changed files with 11 additions and 4 deletions
--- a/.snyk
+++ b/.snyk
@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.13.3
+version: v1.14.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
  SNYK-JS-AWESOMPLETE-174474:
@ -15,3 +15,6 @@ patch:
  'npm:extend:20180424':
    - superagent > extend:
        patched: '2019-05-09T10:14:19.246Z'
+  SNYK-JS-LODASH-450202:
+    - frappe-datatable > lodash:
+        patched: '2020-01-31T01:33:09.889Z'
--- a/package.json
+++ b/package.json
@ -5,7 +5,9 @@
    "production": "FRAPPE_ENV=production node rollup/build.js",
    "watch": "node rollup/watch.js",
    "cypress:run": "cypress run --record --key 4a48f41c-11b3-425b-aa88-c58048fa69eb",
-    "cypress:open": "cypress open"
+    "cypress:open": "cypress open",
+    "snyk-protect": "snyk protect",
+    "prepare": "yarn run snyk-protect"
  },
  "repository": {
    "type": "git",
@ -43,7 +45,8 @@
    "superagent": "^3.8.2",
    "touch": "^3.1.0",
    "vue": "^2.6.8",
-    "vue-router": "^2.0.0"
+    "vue-router": "^2.0.0",
+    "snyk": "^1.288.0"
  },
  "devDependencies": {
    "babel-runtime": "^6.26.0",
@ -61,5 +64,6 @@
    "rollup-plugin-terser": "^4.0.4",
    "rollup-plugin-vue": "4.2.0",
    "vue-template-compiler": "^2.6.8"
-  }
+  },
+  "snyk": true
 }