fix: package.json, package-lock.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-TREEKILL-536781
snyk-labs · Dec 12, 2019 · 9c6a16d · 9c6a16d
1 parent 5ed416c
commit 9c6a16d
Show file tree

Hide file tree

Showing 3 changed files with 638 additions and 567 deletions.
diff --git a/.snyk b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.13.5
+version: v1.14.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
   'npm:braces:20180219':
@@ -19,4 +19,8 @@ ignore:
     - node-jq > download > caw > tunnel-agent:
         reason: None given
         expires: '2019-11-09T19:08:50.450Z'
-patch: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-TREEKILL-536781:
+    - snyk > snyk-sbt-plugin > tree-kill:
+        patched: '2019-12-12T03:22:16.355Z'