From f1a535826e5ce23e3301ac61bbed603c96b1e1ad Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 3 Sep 2021 21:30:50 +0000
Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/npm:minimatch:20160620


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:minimatch:20160620
---
 .snyk        | 20 ++++++++++++++++++++
 package.json | 12 ++++++++----
 2 files changed, 28 insertions(+), 4 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..1339b9e
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,20 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.21.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:minimatch:20160620':
+    - gulp > vinyl-fs > glob-stream > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
+    - trailpack-gulp > gulp > vinyl-fs > glob-stream > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
+    - trailpack-gulp > gulp > vinyl-fs > glob-stream > glob > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
+    - gulp > vinyl-fs > glob-watcher > gaze > globule > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
+    - gulp > vinyl-fs > glob-watcher > gaze > globule > glob > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
+    - trailpack-gulp > gulp > vinyl-fs > glob-watcher > gaze > globule > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
+    - trailpack-gulp > gulp > vinyl-fs > glob-watcher > gaze > globule > glob > minimatch:
+        patched: '2021-09-03T21:30:48.269Z'
diff --git a/package.json b/package.json
index 3b7ce01..bdb1ab7 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,7 @@
   ],
   "dependencies": {
     "eslint-config-trails": "^2.0.6",
-    "gulp": "^3.9.1",
+    "gulp": "^4.0.0",
     "gulp-babel": "^6.1.2",
     "gulp-plumber": "^1.1.0",
     "gulp-sass": "^3.1.0",
@@ -34,7 +34,8 @@
     "trailpack-sequelize": "^2.0.0",
     "trails": "v2-latest",
     "winston": "^2.3",
-    "wreck": "^10.0.0"
+    "wreck": "^10.0.0",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "babel-preset-es2015": "^6.18.0",
@@ -47,7 +48,9 @@
     "supertest": "^1.2"
   },
   "scripts": {
-    "test": "eslint . && mocha"
+    "test": "eslint . && mocha",
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "engines": {
     "node": ">= 4.0.0"
@@ -56,5 +59,6 @@
     "extends": "trails"
   },
   "repository": "git@github.com:Code4HR/hrtb.us.git",
-  "license": "MIT"
+  "license": "MIT",
+  "snyk": true
 }