From 54e571c6bd3fb9c5d26d72af1c0b126f14022334 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 1 Sep 2023 12:27:34 +0000
Subject: [PATCH] fix: package.json, yarn.lock & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:extend:20180424
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:stringstream:20180511
---
 .snyk | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 package.json | 12 ++++++----
 yarn.lock | 5 ++++
 3 files changed, 81 insertions(+), 4 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..a14ad29
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,68 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:extend:20180424':
+ - jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > request > extend:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:extend:20180424'
+ path: >-
+ jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > request >
+ extend
+ - react-scripts > webpack > watchpack > chokidar > fsevents > node-pre-gyp > request > extend:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:extend:20180424'
+ path: >-
+ react-scripts > webpack > watchpack > chokidar > fsevents >
+ node-pre-gyp > request > extend
+ 'npm:hoek:20180212':
+ - jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > hawk > hoek:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:hoek:20180212'
+ path: >-
+ jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > hawk >
+ hoek
+ - jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > hawk > boom > hoek:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:hoek:20180212'
+ path: >-
+ jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > hawk >
+ boom > hoek
+ - jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > hawk > sntp > hoek:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:hoek:20180212'
+ path: >-
+ jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > hawk >
+ sntp > hoek
+ - react-scripts > webpack > watchpack > chokidar > fsevents > node-pre-gyp > hawk > hoek:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:hoek:20180212'
+ path: >-
+ react-scripts > webpack > watchpack > chokidar > fsevents >
+ node-pre-gyp > hawk > hoek
+ - react-scripts > webpack > watchpack > chokidar > fsevents > node-pre-gyp > hawk > boom > hoek:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:hoek:20180212'
+ path: >-
+ react-scripts > webpack > watchpack > chokidar > fsevents >
+ node-pre-gyp > hawk > boom > hoek
+ - react-scripts > webpack > watchpack > chokidar > fsevents > node-pre-gyp > hawk > sntp > hoek:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:hoek:20180212'
+ path: >-
+ react-scripts > webpack > watchpack > chokidar > fsevents >
+ node-pre-gyp > hawk > sntp > hoek
+ 'npm:stringstream:20180511':
+ - jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > request > stringstream:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:stringstream:20180511'
+ path: >-
+ jest-cli > jest-haste-map > sane > fsevents > node-pre-gyp > request >
+ stringstream
+ - react-scripts > webpack > watchpack > chokidar > fsevents > node-pre-gyp > request > stringstream:
+ patched: '2023-09-01T12:27:01.455Z'
+ id: 'npm:stringstream:20180511'
+ path: >-
+ react-scripts > webpack > watchpack > chokidar > fsevents >
+ node-pre-gyp > request > stringstream
diff --git a/package.json b/package.json
index 95b66d3..57bd929 100644
--- a/package.json
+++ b/package.json
@@ -7,7 +7,7 @@
 "type": "git",
 "url": "https://github.com/jamesmart77/chedah.git"
 },
- "homepage" : "https://chedah.herokuapp.com/",
+ "homepage": "https://chedah.herokuapp.com/",
 "scripts": {
 "server": "node server.js",
 "client": "node scripts/start-client.js",
@@ -16,7 +16,9 @@
 "build": "node scripts/build.js",
 "seed": "node scripts/seedDB.js",
 "test": "mocha --exit",
- "installDeps": "yarn && cd client && yarn"
+ "installDeps": "yarn && cd client && yarn",
+ "prepare": "yarn run snyk-protect",
+ "snyk-protect": "snyk-protect"
 },
 "author": "James Martineau, Ben Baumann, Michelle Baumann, Michael Fessenden, Justin Rice ",
 "license": "ISC",
@@ -58,6 +60,8 @@
 "react-moment": "^0.7.0",
 "react-router": "^4.2.0",
 "react-scripts": "^1.1.1",
- "redis": "^2.8.0"
- }
+ "redis": "^2.8.0",
+ "@snyk/protect": "latest"
+ },
+ "snyk": true
 }
diff --git a/yarn.lock b/yarn.lock
index 9342d55..90d88e3 100644
--- a/yarn.lock
+++ b/yarn.lock
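Review bot: All ten patched paths in this policy go through `fsevents > node-pre-gyp`, reached from `jest-cli` and `react-scripts`, so the three advisories are patched in place rather than removed by upgrading those two packages. The commit's `yarn.lock` change only adds `@snyk/protect`, so the affected `extend`, `hoek` and `stringstream` versions stay locked and are fixed only in trees where `snyk-protect` has actually run. I would record that at the top of the file, e.g. `# in-place patches only; drop these entries once jest-cli and react-scripts are upgraded`.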
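Review bot: The `prepare` hook added in the `scripts` hunk is the only thing that applies the `.snyk` patches, and nothing fails when it does not run: an install with `--ignore-scripts` leaves the three packages unpatched with no error. It also makes every install execute `snyk-protect`, so a failure in that tool breaks `yarn` and therefore `installDeps`. JSON cannot carry a comment, so I would note the reliance on lifecycle scripts in the README and confirm that the deploy build runs them. The `scripts` object opens above this hunk.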
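Review bot: `"@snyk/protect": "latest"` in the last package.json hunk is a floating tag on a package that the new `prepare` script runs at install time, and it does not match the lock entry this commit adds, which is keyed `@snyk/protect@^1.1209.0`. With that mismatch yarn cannot satisfy the dependency from the lockfile, so it will presumably re-resolve `latest` (or fail under `--frozen-lockfile`), and whichever release is published at that moment is what modifies `node_modules`. Pin it to the locked release instead, `"@snyk/protect": "^1.1209.0"`, or the exact `"1.1209.0"`. The enclosing dependency object opens above this hunk, so whether this sits in `dependencies` or `devDependencies` cannot be confirmed from here.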
@@ -16,6 +16,11 @@
 esutils "^2.0.2"
 js-tokens "^3.0.0"
 
+"@snyk/protect@^1.1209.0":
+ version "1.1209.0"
+ resolved "https://registry.yarnpkg.com/@snyk/protect/-/protect-1.1209.0.tgz#9e938362cf684576ead289916274cf8bd5f4e0ce"
+ integrity sha512-E370Imyh7tnkgaYJdjL+Skb7thgcPcSiIISbUhA6/ZtjKGzGLveLXGAjID9nQlizoO+P+D3UfssnE16GJZjWPw==
+
 "@types/body-parser@*":
 version "1.16.8"
 resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.16.8.tgz#687ec34140624a3bec2b1a8ea9268478ae8f3be3"