From d0e0d420ca014bbce0e588a9c408991c88a0558f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 25 Mar 2022 17:46:28 +0000
Subject: [PATCH] fix: functions/package.json, functions/package-lock.json &
 functions/.snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 functions/.snyk             |  8 ++++++++
 functions/package-lock.json |  5 +++++
 functions/package.json      | 10 +++++++---
 3 files changed, 20 insertions(+), 3 deletions(-)
 create mode 100644 functions/.snyk

diff --git a/functions/.snyk b/functions/.snyk
new file mode 100644
index 0000000..695937d
--- /dev/null
+++ b/functions/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - firebase-functions > lodash:
+        patched: '2022-03-25T17:46:17.705Z'
diff --git a/functions/package-lock.json b/functions/package-lock.json
index 7898f72..e65f0b9 100644
--- a/functions/package-lock.json
+++ b/functions/package-lock.json
@@ -253,6 +253,11 @@
       "integrity": "sha1-p3c2C1s5oaLlEG+OhY8v0tBgxXA=",
       "optional": true
     },
+    "@snyk/protect": {
+      "version": "1.883.0",
+      "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.883.0.tgz",
+      "integrity": "sha512-N/EqG6P/qNYWOfuZAfGS1d7yGwGY4zV7AvKtgTzdhazDt7G/mRLG6czLSWNWGEFYBiMsYRVPHdc5It3bjhmIGw=="
+    },
     "@tootallnate/once": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-1.0.0.tgz",
diff --git a/functions/package.json b/functions/package.json
index 42ee765..5c8e93c 100644
--- a/functions/package.json
+++ b/functions/package.json
@@ -7,7 +7,9 @@
     "shell": "firebase functions:shell",
     "start": "npm run shell",
     "deploy": "firebase deploy --only functions",
-    "logs": "firebase functions:log"
+    "logs": "firebase functions:log",
+    "prepare": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "engines": {
     "node": "8"
@@ -16,12 +18,14 @@
     "@magic-sdk/admin": "1.0.0",
     "dotenv": "^8.2.0",
     "firebase-admin": "^8.6.0",
-    "firebase-functions": "^3.3.0"
+    "firebase-functions": "^3.3.0",
+    "@snyk/protect": "latest"
   },
   "devDependencies": {
     "eslint": "^5.12.0",
     "eslint-plugin-promise": "^4.0.1",
     "firebase-functions-test": "^0.1.6"
   },
-  "private": true
+  "private": true,
+  "snyk": true
 }