From 3427991cb0f6df023f96ce524bea7c911adf38b7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 30 Aug 2023 16:47:16 +0000
Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/npm:hoek:20180212


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:extend:20180424
- https://snyk.io/vuln/npm:stringstream:20180511
---
 .snyk        | 15 +++++++++++++++
 package.json | 11 +++++++----
 2 files changed, 22 insertions(+), 4 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..8891f7b
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,15 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:extend:20180424':
+    - less > request > extend:
+        patched: '2023-08-30T16:47:13.950Z'
+        id: 'npm:extend:20180424'
+        path: less > request > extend
+  'npm:stringstream:20180511':
+    - less > request > stringstream:
+        patched: '2023-08-30T16:47:13.950Z'
+        id: 'npm:stringstream:20180511'
+        path: less > request > stringstream
diff --git a/package.json b/package.json
index d750496..dcc2e81 100644
--- a/package.json
+++ b/package.json
@@ -8,7 +8,8 @@
     "build": "lessc less/index.less lib/index.css && rollup -c rollup.config.js",
     "build-example": "rollup -c rollup.config.js -o example/imports/rsg-components.js",
     "lint": "stylelint \"less/**/*.less\" --fix && flow check && eslint .",
-    "prepublish": "lessc less/index.less lib/index.css && rollup -c rollup.config.js"
+    "prepublish": "npm run snyk-protect && lessc less/index.less lib/index.css && rollup -c rollup.config.js",
+    "snyk-protect": "snyk-protect"
   },
   "license": "Apache-2.0",
   "repository": {
@@ -18,9 +19,10 @@
   "author": "RSG",
   "dependencies": {
     "aphrodite-jss": "^2.0.0",
-    "less": "^2.7.2",
+    "less": "^3.0.2",
     "lodash": "^4.17.4",
-    "react-dom": "^16.2.0"
+    "react-dom": "^16.2.0",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "@types/lodash": "^4.14.72",
@@ -61,5 +63,6 @@
   "jest": {
     "coverageDirectory": "./coverage/",
     "collectCoverage": true
-  }
+  },
+  "snyk": true
 }