Merge pull request #50 from Musare/snyk-fix-847e3adc734e4fb826c485cb1a17c2b0

[Snyk] Fix for 1 vulnerabilities

frontend/.snyk

@@ -1,5 +1,10 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.13.5
-# ignores vulnerabilities until expiry date; change duration by modifying expiry date
-ignore:
-patch: {}
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - html-webpack-plugin > lodash:
+        patched: '2020-05-01T08:37:15.509Z'
+    - webpack-merge > lodash:
+        patched: '2020-05-01T08:37:15.509Z'

frontend/package.json

@@ -12,7 +12,9 @@
     "bundle-analyse": "webpack --config webpack.prod.js --profile --json > bundle-stats.json && npx webpack-bundle-analyzer bundle-stats.json --mode static --report bundle-report.html --no-open",
     "dev": "webpack-dev-server --config webpack.dev.js",
     "prod": "webpack --config webpack.prod.js",
-    "test": ""
+    "test": "",
+    "snyk-protect": "snyk protect",
+    "prepare": "yarn run snyk-protect"
   },
   "devDependencies": {
     "@babel/core": "^7.5.4",
@@ -33,7 +35,6 @@
     "node-sass": "^4.12.0",
     "prettier": "1.18.2",
     "sass-loader": "^7.1.0",
-    "snyk": "^1.208.0",
     "vue-hot-reload-api": "^2.3.3",
     "vue-style-loader": "^4.1.2",
     "vue-template-compiler": "^2.6.10",
@@ -56,6 +57,8 @@
     "vue-router": "^3.0.7",
     "vuex": "^3.1.1",
     "webpack-md5-hash": "0.0.6",
-    "webpack-merge": "^4.2.1"
-  }
+    "webpack-merge": "^4.2.1",
+    "snyk": "^1.316.1"
+  },
+  "snyk": true
 }