Add Snyk to app

So that our repos avoid exposure to security vunerabilities, Snyk will monitor them for us.

Author: jenniferemshepherd

.circleci/config.yml

@@ -122,6 +122,7 @@ jobs:
       - run:
           name: shared-helper / npm-store-auth-token
           command: .circleci/shared-helpers/helper-npm-store-auth-token
+      - run: npx snyk monitor --org=customer-products --project-name=Financial-Times/x-dash
       - run:
           name: Bump version
           command: npx athloi version ${CIRCLE_TAG}
@@ -136,6 +137,7 @@ jobs:
       - run:
           name: shared-helper / npm-store-auth-token
           command: .circleci/shared-helpers/helper-npm-store-auth-token
+      - run: npx snyk monitor --org=customer-products --project-name=Financial-Times/x-dash
       - run:
           name: Extract tag name and version number
           command: |

.snyk

@@ -0,0 +1,4 @@
+# Snyk (https://snyk.io) policy file, which patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+patch: {}

package.json

@@ -12,7 +12,8 @@
     "start-storybook": "start-storybook -p ${STORYBOOK_PORT:-9001} -s .storybook/static -h local.ft.com",
     "build-storybook": "build-storybook -o dist/storybook -s .storybook/static",
     "start-docs": "(cd tools/x-docs && npm start)",
-    "heroku-postbuild": "make install && npm run build"
+    "heroku-postbuild": "make install && npm run build",
+    "prepare": "npx snyk protect || npx snyk protect -d || true"
   },
   "devDependencies": {
     "@babel/core": "^7.4.5",
@@ -35,6 +36,7 @@
     "react-helmet": "^5.2.0",
     "react-test-renderer": "^16.8.6",
     "sass-loader": "^7.1.0",
+    "snyk": "^1.168.0",
     "style-loader": "^0.23.1",
     "write-file-webpack-plugin": "^4.5.0"
   },