fix: package.json, yarn.lock & .snyk to reduce vulnerabilities

snyk-bot · snyk-bot · commit 5afd635f235d · 2020-06-08T08:11:34.000Z
The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
diff --git a/.snyk b/.snyk
@@ -68,6 +68,10 @@ patch:
         patched: '2020-05-18T14:51:52.339Z'
     - serverless > @serverless/components > @serverless/platform-client-china > @serverless/utils-china > @tencent-sdk/capi > request-promise-native > request-promise-core > lodash:
         patched: '2020-05-18T14:51:52.339Z'
+    - serverless > json-refs > lodash:
+        patched: '2020-06-08T08:10:57.712Z'
+    - serverless > @serverless/inquirer > inquirer > lodash:
+        patched: '2020-06-08T08:10:57.712Z'
   'npm:debug:20170905':
     - serverless > @serverless/components > @serverless/platform-client-china > @serverless/utils-china > socket.io-stream > debug:
         patched: '2020-05-18T14:51:52.339Z'
diff --git a/package.json b/package.json
@@ -25,7 +25,7 @@
   "dependencies": {
     "chrome-aws-lambda": "^2.0.2",
     "puppeteer-core": "^2.1.1",
-    "snyk": "^1.321.0"
+    "snyk": "^1.336.0"
   },
   "scripts": {
     "snyk-protect": "snyk protect",
diff --git a/yarn.lock b/yarn.lock
@@ -5751,7 +5751,7 @@ snyk-try-require@1.3.1, snyk-try-require@^1.1.1, snyk-try-require@^1.3.1:
     lru-cache "^4.0.0"
     then-fs "^2.0.0"
 
-snyk@^1.321.0:
+snyk@1.336.0, snyk@^1.336.0:
   version "1.336.0"
   resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.336.0.tgz#674056ea4f444d33cc23263845eea903d60b686c"
   integrity sha512-Dzk2xpaHZahZmjM8s3VHRPJgU1q28MAZr1TfnuRLIGDRT4eRiUdiFWdFMC6xqto7VJGJr31HYn1Di4Luv/1Bgg==
