diff --git a/.snyk b/.snyk
index a0d672f3d1aaac..4003b6d8890d39 100644
--- a/.snyk
+++ b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.7.0
+version: v1.12.0
 ignore: {}
 # patches apply the minimum changes required to fix a vulnerability
 patch:
@@ -79,3 +79,6 @@ patch:
   'npm:uglify-js:20150824':
     - jade > transformers > uglify-js:
         patched: '2016-07-29T23:00:15.905Z'
+  'npm:tunnel-agent:20170305':
+    - jsonlint-cli > omni-fetch > caw > tunnel-agent:
+        patched: '2018-10-25T06:48:42.619Z'
diff --git a/package.json b/package.json
index 33fd31eea96593..4f22b7201687e5 100644
--- a/package.json
+++ b/package.json
@@ -27,7 +27,8 @@
     "test-js-server": "tape -r babel-register \"server/**/*.test.js\" | tap-spec",
     "test": "npm run test-js && npm run test-challenges",
     "cover": "babel-node ./node_modules/.bin/babel-istanbul cover tape common/**/*.test.js",
-    "coveralls": "npm run cover && istanbul-coveralls"
+    "coveralls": "npm run cover && istanbul-coveralls",
+    "prepare": "npm run snyk-protect"
   },
   "license": "(BSD-3-Clause AND CC-BY-SA-4.0)",
   "dependencies": {
@@ -114,7 +115,7 @@
     "reselect": "^2.0.2",
     "rx": "^4.0.0",
     "sanitize-html": "^1.11.1",
-    "snyk": "^1.19.1",
+    "snyk": "^1.105.0",
     "store": "https://github.com/berkeleytrue/store.js.git#feature/noop-server",
     "uuid": "^3.0.1",
     "validator": "^6.0.0"