From 0c5bd8945571806c76f815e05d37b33b7832f93a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 20 Jun 2018 03:22:48 +0000
Subject: [PATCH] fix: .snyk & package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:clean-css:20180306
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:deep-extend:20180409
- https://snyk.io/vuln/npm:fresh:20170908
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:tough-cookie:20170905
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/npm:ua-parser-js:20171012
- https://snyk.io/vuln/npm:ws:20160920
- https://snyk.io/vuln/npm:ws:20171108


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:hoek:20180212
---
 .snyk        | 31 +++++++++++++++++++++++++++++++
 package.json | 26 ++++++++++++++++----------
 2 files changed, 47 insertions(+), 10 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..7688618
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,31 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:debug:20170905':
+    - browser-sync > connect > debug:
+        patched: '2018-06-20T03:22:46.243Z'
+    - browser-sync > serve-index > debug:
+        patched: '2018-06-20T03:22:46.243Z'
+    - browser-sync > localtunnel > debug:
+        patched: '2018-06-20T03:22:46.243Z'
+    - browser-sync > connect > finalhandler > debug:
+        patched: '2018-06-20T03:22:46.243Z'
+  'npm:hoek:20180212':
+    - gulp-sass > node-sass > node-gyp > request > hawk > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - gulp-sass > node-sass > node-gyp > request > hawk > boom > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - node-sass > node-gyp > request > hawk > cryptiles > boom > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - gulp-sass > node-sass > node-gyp > request > hawk > cryptiles > boom > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - node-sass > node-gyp > request > hawk > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - node-sass > node-gyp > request > hawk > boom > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - node-sass > node-gyp > request > hawk > sntp > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
+    - gulp-sass > node-sass > node-gyp > request > hawk > sntp > hoek:
+        patched: '2018-06-20T03:22:46.243Z'
diff --git a/package.json b/package.json
index f32bc98..ad18327 100644
--- a/package.json
+++ b/package.json
@@ -27,10 +27,10 @@
     "babel-preset-es2015": "^6.13.2",
     "babel-preset-react": "^6.11.1",
     "babel-runtime": "^6.11.6",
-    "browser-sync": "2.12.9",
+    "browser-sync": "2.24.0",
     "browser-sync-close-hook": "^1.0.5",
     "bundle-loader": "^0.5.4",
-    "clean-css": "^3.4.19",
+    "clean-css": "^4.1.11",
     "conventional-github-releaser": "^1.1.3",
     "dotenv": "^4.0.0",
     "event-stream": "^3.3.4",
@@ -39,7 +39,7 @@
     "fs": "0.0.2",
     "glob": "^7.0.6",
     "gm": "^1.23.0",
-    "gulp": "^3.9.1",
+    "gulp": "^4.0.0",
     "gulp-babel": "^6.1.2",
     "gulp-bless": "^3.1.0",
     "gulp-bump": "^2.7.0",
@@ -72,7 +72,7 @@
     "gulp-shell": "^0.5.2",
     "gulp-size": "^2.1.0",
     "gulp-sourcemaps": "^1.6.0",
-    "gulp-stylelint": "^3.4.0",
+    "gulp-stylelint": "^4.0.0",
     "gulp-stylelint-checkstyle-reporter": "^0.2.0",
     "gulp-svgmin": "^1.2.2",
     "gulp-svgstore": "^6.0.0",
@@ -95,7 +95,7 @@
     "path": "^0.12.7",
     "penthouse": "^0.9.14",
     "phantomjs-prebuilt": "^2.1.12",
-    "postcss-assets": "^4.1.0",
+    "postcss-assets": "^5.0.0",
     "postcss-discard-duplicates": "^2.0.1",
     "postcss-import": "^7.1.3",
     "postcss-reporter": "^1.4.1",
@@ -111,12 +111,18 @@
     "support-for": "^1.0.6",
     "through2": "^2.0.1",
     "uglify-js": "^2.7.0",
-    "webpack": "^1.13.1",
+    "webpack": "^2.2.0",
     "webpack-dev-middleware": "^1.6.1",
-    "webpack-dev-server": "^1.14.1",
+    "webpack-dev-server": "^3.1.2",
     "webpack-hot-middleware": "^2.12.2",
     "webpack-module-hot-accept": "^1.0.4",
-    "webpack-stream": "^3.2.0",
-    "yargs": "^4.8.1"
-  }
+    "webpack-stream": "^4.0.0",
+    "yargs": "^4.8.1",
+    "snyk": "^1.83.0"
+  },
+  "scripts": {
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
+  },
+  "snyk": true
 }