From 675b9a567133af02a53fe95b182d86f933a65f2c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 1 May 2020 10:45:04 +0200 Subject: [PATCH 1/2] fix: demo/package.json & demo/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 demo/package.json | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/demo/package.json b/demo/package.json
index b9908bc..ba8d865 100644
--- a/demo/package.json
+++ b/demo/package.json
@@ -7,7 +7,9 @@
 "test": "echo \"Error: no test specified\" && exit 1",
 "watch": "watchify browser.js -d -v -o bundle.js",
 "start": "http-server -p 3000 .",
- "dist": "browserify browser.js -d | babel -s inline -f bundle.min.js --presets es2015 | uglifyjs --source-map content=inline,url=bundle.min.js.map --compress -o bundle.min.js"
+ "dist": "browserify browser.js -d | babel -s inline -f bundle.min.js --presets es2015 | uglifyjs --source-map content=inline,url=bundle.min.js.map --compress -o bundle.min.js",
+ "snyk-protect": "snyk protect",
+ "prepublish": "npm run snyk-protect"
 },
 "author": "Maciej Krüger ",
 "license": "MIT",
@@ -22,12 +24,14 @@
 "libp2p-tcp": "^0.11.1",
 "libp2p-websockets": "github:libp2p/js-libp2p-websockets#pass-options",
 "moment": "^2.20.1",
- "pull-stream": "^3.6.1"
+ "pull-stream": "^3.6.1",
+ "snyk": "^1.316.1"
 },
 "devDependencies": {
 "babel-cli": "^6.26.0",
 "babel-preset-es2015": "^6.24.1",
 "browserify": "^14.5.0",
 "watchify": "^3.9.0"
- }
+ },
+ "snyk": true
 }
From 5ae42faa393fb099b55a1e46b12987f44c3bb9a0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 1 May 2020 10:45:05 +0200 Subject: [PATCH 2/2] fix: demo/package.json & demo/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 demo/.snyk | 152 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 152 insertions(+) create mode 100644 demo/.snyk
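Review bot: In the `scripts` hunk of demo/package.json, the lodash fix exists only after `snyk protect` has rewritten files under node_modules, and it is wired to `prepublish`, a lifecycle hook npm has deprecated and which is skipped entirely whenever install scripts are disabled (for example `npm install --ignore-scripts`). In that case the install succeeds with the unpatched lodash and nothing reports it. If the patch approach is kept, `"prepare": "npm run snyk-protect"` avoids the deprecated hook, and a CI step running `snyk test` would turn an unpatched tree into a visible failure instead of an assumption. The enclosing `scripts` object starts above the hunk.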
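Review bot: In the `dependencies` hunk of demo/package.json, `"snyk": "^1.316.1"` adds the whole Snyk CLI to the runtime dependency set with a floating caret range, so each fresh install can resolve a different 1.x release of a tool that then modifies node_modules from a lifecycle script. That widens the supply-chain surface of a change meant to narrow it. If the policy patch stays, pin the tool (`"snyk": "1.316.1"`) and rely on a committed lockfile if the demo has one. The more durable fix is to raise the direct dependencies that demo/.snyk lists as paths to lodash (libp2p, libp2p-secio, libp2p-tcp, libp2p-multiplex, http-server) until a fixed lodash resolves, after which this entry and `"snyk": true` can be removed. The `dependencies` object starts above the hunk.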
diff --git a/demo/.snyk b/demo/.snyk
new file mode 100644
index 0000000..e2b6606
--- /dev/null
+++ b/demo/.snyk
@@ -0,0 +1,152 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.14.1 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - libp2p > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-multiplex > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-tcp > ip-address > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - http-server > portfinder > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > ip-address > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-info > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-ping > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-id > libp2p-crypto > async > lodash: + patched: 
'2020-05-01T08:44:23.103Z' + - libp2p-secio > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > multistream-select > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-info > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-info > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-info > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-ping > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-ping > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p-secio > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-info > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-id > libp2p-crypto > async > lodash: + patched: 
'2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > multistream-select > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-info > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-info > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-info > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-info > peer-id > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-info > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-info > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-info > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-id > 
libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-info > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-info > peer-id > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > peer-info > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > peer-book > peer-info > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-info > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-info > peer-id > libp2p-crypto > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-info > peer-id > libp2p-crypto > 
libp2p-crypto-secp256k1 > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-circuit > peer-info > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z' + - libp2p > libp2p-swarm > libp2p-identify > peer-info > peer-id > libp2p-crypto > multihashing-async > async > lodash: + patched: '2020-05-01T08:44:23.103Z'