diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..f5f7070
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,14 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:debug:20170905':
+    - browser-sync > connect > debug:
+        patched: '2018-06-01T05:25:35.386Z'
+    - browser-sync > connect > finalhandler > debug:
+        patched: '2018-06-01T05:25:35.386Z'
+    - browser-sync > serve-index > debug:
+        patched: '2018-06-01T05:25:35.386Z'
+    - browser-sync > localtunnel > debug:
+        patched: '2018-06-01T05:25:35.386Z'
diff --git a/package.json b/package.json
index f32bc98..d268682 100644
--- a/package.json
+++ b/package.json
@@ -27,10 +27,10 @@
     "babel-preset-es2015": "^6.13.2",
     "babel-preset-react": "^6.11.1",
     "babel-runtime": "^6.11.6",
-    "browser-sync": "2.12.9",
+    "browser-sync": "2.24.0",
     "browser-sync-close-hook": "^1.0.5",
     "bundle-loader": "^0.5.4",
-    "clean-css": "^3.4.19",
+    "clean-css": "^4.1.11",
     "conventional-github-releaser": "^1.1.3",
     "dotenv": "^4.0.0",
     "event-stream": "^3.3.4",
@@ -39,7 +39,7 @@
     "fs": "0.0.2",
     "glob": "^7.0.6",
     "gm": "^1.23.0",
-    "gulp": "^3.9.1",
+    "gulp": "^4.0.0",
     "gulp-babel": "^6.1.2",
     "gulp-bless": "^3.1.0",
     "gulp-bump": "^2.7.0",
@@ -72,7 +72,7 @@
     "gulp-shell": "^0.5.2",
     "gulp-size": "^2.1.0",
     "gulp-sourcemaps": "^1.6.0",
-    "gulp-stylelint": "^3.4.0",
+    "gulp-stylelint": "^4.0.0",
     "gulp-stylelint-checkstyle-reporter": "^0.2.0",
     "gulp-svgmin": "^1.2.2",
     "gulp-svgstore": "^6.0.0",
@@ -95,7 +95,7 @@
     "path": "^0.12.7",
     "penthouse": "^0.9.14",
     "phantomjs-prebuilt": "^2.1.12",
-    "postcss-assets": "^4.1.0",
+    "postcss-assets": "^5.0.0",
     "postcss-discard-duplicates": "^2.0.1",
     "postcss-import": "^7.1.3",
     "postcss-reporter": "^1.4.1",
@@ -111,12 +111,18 @@
     "support-for": "^1.0.6",
     "through2": "^2.0.1",
     "uglify-js": "^2.7.0",
-    "webpack": "^1.13.1",
+    "webpack": "^2.2.0",
     "webpack-dev-middleware": "^1.6.1",
-    "webpack-dev-server": "^1.14.1",
+    "webpack-dev-server": "^3.1.2",
     "webpack-hot-middleware": "^2.12.2",
     "webpack-module-hot-accept": "^1.0.4",
-    "webpack-stream": "^3.2.0",
-    "yargs": "^4.8.1"
-  }
+    "webpack-stream": "^4.0.0",
+    "yargs": "^4.8.1",
+    "snyk": "^1.82.0"
+  },
+  "scripts": {
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
+  },
+  "snyk": true
 }