From ae30950fcd3c6c95ca137070bffcde9931f56f23 Mon Sep 17 00:00:00 2001
From: snyk-bot <admin+snyk-bot@snyk.io>
Date: Sat, 24 Dec 2016 19:53:46 +0000
Subject: [PATCH 1/5] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:ms:20151024


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:uglify-js:20151024

Latest report for randallkent/redisred:
https://snyk.io/test/github/randallkent/redisred

Some vulnerabilities weren't fixed or ignored, and so will still fail
the Snyk test report.
---
 .snyk        |  8 ++++++++
 package.json | 12 ++++++++----
 2 files changed, 16 insertions(+), 4 deletions(-)
 create mode 100644 .snyk

diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..b9dae28
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.7.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:uglify-js:20151024':
+    - jade > transformers > uglify-js:
+        patched: '2016-12-24T19:53:44.732Z'
diff --git a/package.json b/package.json
index d19ffa3..d09b1fa 100644
--- a/package.json
+++ b/package.json
@@ -7,7 +7,9 @@
     "start-redis": "redis-server > /dev/null & echo $! > redis.pid",
     "stop-redis": "kill -TERM $(cat redis.pid) && rm redis.pid",
     "create-config": "cp .env.config .env",
-    "start": "node app.js"
+    "start": "node app.js",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "repository": {
     "type": "git",
@@ -26,7 +28,7 @@
   "homepage": "https://github.com/Detry322/redisred",
   "dependencies": {
     "body-parser": "^1.13.2",
-    "connect-redis": "^2.4.0",
+    "connect-redis": "^3.0.0",
     "cookie-parser": "^1.3.5",
     "csurf": "^1.8.3",
     "dotenv": "^1.2.0",
@@ -38,6 +40,8 @@
     "morgan": "^1.6.1",
     "passport": "^0.2.2",
     "passport-local": "^1.0.0",
-    "serve-favicon": "^2.3.0"
-  }
+    "serve-favicon": "^2.3.0",
+    "snyk": "^1.22.1"
+  },
+  "snyk": true
 }

From 578155bcc95dc44f3c104ef8cb295e6846a023a0 Mon Sep 17 00:00:00 2001
From: snyk-bot <admin+snyk-bot@snyk.io>
Date: Sun, 21 May 2017 15:18:04 +0000
Subject: [PATCH 2/5] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:uglify-js:20150824

Latest report for randallkent/redisred:
https://snyk.io/test/github/randallkent/redisred
---
 .snyk        | 6 ++++++
 package.json | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/.snyk b/.snyk
index b9dae28..442a0a1 100644
--- a/.snyk
+++ b/.snyk
@@ -6,3 +6,9 @@ patch:
   'npm:uglify-js:20151024':
     - jade > transformers > uglify-js:
         patched: '2016-12-24T19:53:44.732Z'
+  'npm:ms:20170412':
+    - morgan > debug > ms:
+        patched: '2017-05-21T15:18:02.643Z'
+  'npm:uglify-js:20150824':
+    - jade > transformers > uglify-js:
+        patched: '2017-05-21T15:18:02.643Z'
diff --git a/package.json b/package.json
index d09b1fa..d0494ea 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,7 @@
     "passport": "^0.2.2",
     "passport-local": "^1.0.0",
     "serve-favicon": "^2.3.0",
-    "snyk": "^1.22.1"
+    "snyk": "^1.30.1"
   },
   "snyk": true
 }

From 92934d32e1c3083c79ce2a804cc38cfb03416c43 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 17 Feb 2018 00:49:21 +0000
Subject: [PATCH 3/5] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:lodash:20180130

Latest report for randallkent/redisred:
https://snyk.io/test/github/randallkent/redisred
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index d0494ea..d0b3d38 100644
--- a/package.json
+++ b/package.json
@@ -35,7 +35,7 @@
     "express": "^4.13.1",
     "express-session": "^1.11.3",
     "hiredis": "^0.4.0",
-    "ioredis": "^1.5.11",
+    "ioredis": "^2.0.0",
     "jade": "^1.11.0",
     "morgan": "^1.6.1",
     "passport": "^0.2.2",

From 422e507e76262c98690ee30c162d9cbda794850f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 7 Jul 2018 04:28:37 +0000
Subject: [PATCH 4/5] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:lodash:20180130
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index d0494ea..d0b3d38 100644
--- a/package.json
+++ b/package.json
@@ -35,7 +35,7 @@
     "express": "^4.13.1",
     "express-session": "^1.11.3",
     "hiredis": "^0.4.0",
-    "ioredis": "^1.5.11",
+    "ioredis": "^2.0.0",
     "jade": "^1.11.0",
     "morgan": "^1.6.1",
     "passport": "^0.2.2",

From 28adb993f7790a964dd8ce6dca71e07e260bd496 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 9 Feb 2019 06:22:00 +0000
Subject: [PATCH 5/5] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index d0494ea..d0b3d38 100644
--- a/package.json
+++ b/package.json
@@ -35,7 +35,7 @@
     "express": "^4.13.1",
     "express-session": "^1.11.3",
     "hiredis": "^0.4.0",
-    "ioredis": "^1.5.11",
+    "ioredis": "^2.0.0",
     "jade": "^1.11.0",
     "morgan": "^1.6.1",
     "passport": "^0.2.2",