From e55f9ec03d0f4e4fc0433bccbd5326aa8f067d36 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 21 Nov 2018 23:25:59 +0000
Subject: [PATCH] fix: example/compiler-pipeline/.snyk & example/compiler-pipeline/package.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:shell-quote:20160621
- https://snyk.io/vuln/npm:uglify-js:20151024
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:uglify-js:20151024
---
example/compiler-pipeline/.snyk | 10 ++++++++++
example/compiler-pipeline/package.json | 12 +++++++++---
2 files changed, 19 insertions(+), 3 deletions(-)
create mode 100644 example/compiler-pipeline/.snyk
diff --git a/example/compiler-pipeline/.snyk b/example/compiler-pipeline/.snyk
new file mode 100644
index 0000000..68bc438
--- /dev/null
+++ b/example/compiler-pipeline/.snyk
@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:uglify-js:20151024':
+ - browserify > umd > ruglify > uglify-js:
+ patched: '2018-11-21T23:25:57.944Z'
+ - browserify > browser-pack > umd > ruglify > uglify-js:
+ patched: '2018-11-21T23:25:57.944Z'
diff --git a/example/compiler-pipeline/package.json b/example/compiler-pipeline/package.json
index 95b7791..033f3da 100644
--- a/example/compiler-pipeline/package.json
+++ b/example/compiler-pipeline/package.json
@@ -1,7 +1,13 @@
 {
 "dependencies": {
- "browserify": "^5.9.1",
+ "browserify": "^12.0.0",
 "shasum": "^1.0.0",
- "through2": "^1.0.0"
- }
+ "through2": "^1.0.0",
+ "snyk": "^1.110.1"
+ },
+ "scripts": {
+ "snyk-protect": "snyk protect",
+ "prepare": "npm run snyk-protect"
+ },
+ "snyk": true
 }
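Review bot: Both `patch:` entries for `'npm:uglify-js:20151024'` are keyed on dependency paths (`browserify > umd > ruglify > uglify-js` and the `browser-pack` variant), yet the same commit moves browserify to `^12.0.0` and its message lists this advisory under both "fixed with an upgrade" and "fixed with a Snyk patch". If those paths no longer exist in the upgraded tree, the entries match nothing and the install-time `snyk protect` step added in package.json protects nothing. If they do still exist, the "fixed with an upgrade" claim is wrong for this advisory. Confirm against the resolved tree (for example with `npm ls uglify-js`) and keep only the mechanism that actually applies.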
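Review bot: The added `"prepare": "npm run snyk-protect"` script makes every `npm install` in example/compiler-pipeline run the snyk CLI, and `"snyk": "^1.110.1"` is a caret range in runtime `dependencies`, so whichever 1.x release resolves at install time gets to execute and rewrite files under node_modules. No lockfile is part of this patch, so consider pinning it exactly, `"snyk": "1.110.1"`, and committing a lockfile so the patched tree is reproducible and reviewable. Separately, `"browserify": "^12.0.0"` jumps seven major versions from `^5.9.1`. Nothing in the patch shows the example was rebuilt against it, so that should be checked before merging.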