diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..a30d08c
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,11 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:lodash:20180130':
+    - scraperjs > cheerio > lodash:
+        patched: '2022-10-06T16:13:49.687Z'
+  'npm:qs:20140806-1':
+    - grunt-contrib-watch > tiny-lr-fork > qs:
+        patched: '2022-10-06T16:13:49.687Z'
diff --git a/package.json b/package.json
index 3e9ea0f..7901257 100644
--- a/package.json
+++ b/package.json
@@ -5,7 +5,9 @@
   "main": "server/server.js",
   "scripts": {
     "start": "nodemon server/server.js",
-    "postinstall": "bower install"
+    "postinstall": "bower install",
+    "prepublish": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
   },
   "repository": {
     "type": "git",
@@ -25,22 +27,24 @@
     "express": "^4.13.3",
     "express-partials": "^0.3.0",
     "express-session": "^1.12.1",
-    "grunt": "^0.4.5",
-    "grunt-cli": "^0.1.13",
+    "grunt": "^1.5.3",
+    "grunt-cli": "^1.3.0",
     "grunt-contrib-clean": "^0.7.0",
     "grunt-contrib-concat": "^0.5.1",
-    "grunt-contrib-cssmin": "^0.14.0",
-    "grunt-contrib-jshint": "^0.11.3",
-    "grunt-contrib-uglify": "^0.11.0",
-    "grunt-contrib-watch": "^0.6.1",
+    "grunt-contrib-cssmin": "^2.2.0",
+    "grunt-contrib-jshint": "^3.1.0",
+    "grunt-contrib-uglify": "^4.0.1",
+    "grunt-contrib-watch": "^1.0.1",
     "grunt-nodemon": "^0.4.1",
     "grunt-shell": "^1.1.2",
     "http": "0.0.0",
-    "kerberos": "0.0.17",
-    "mongoose": "^4.3.4",
+    "kerberos": "1.0.0",
+    "mongoose": "^5.13.15",
     "morgan": "^1.6.1",
-    "passport": "~0.1.17",
-    "passport-local": "~0.1.6",
-    "scraperjs": "^1.2.0"
-  }
+    "passport": "~0.6.0",
+    "passport-local": "~1.0.0",
+    "scraperjs": "^1.2.0",
+    "@snyk/protect": "latest"
+  },
+  "snyk": true
 }