diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..8eb4a13
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,8 @@
+version: v1.5.0
+ignore: {}
+patch:
+  'npm:uglify-js:20151024':
+    - jade > transformers > uglify-js:
+        patched: '2016-11-24T18:02:06.345Z'
+    - jade > constantinople > uglify-js:
+        patched: '2016-11-24T18:02:06.345Z'
diff --git a/package.json b/package.json
index e561ee8..dedfba3 100644
--- a/package.json
+++ b/package.json
@@ -4,16 +4,19 @@
   "description": "Instrument and generate code coverage independent of test runner",
   "main": "index.js",
   "scripts": {
-    "test": "gulp test"
+    "test": "gulp test",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "dependencies": {
     "extend": "~1.2.1",
     "gulp-util": "~2.2.13",
     "instrumentjs": "0.0.2",
-    "jade": "~1.1.4",
-    "multimatch": "~0.1.0",
+    "jade": "~1.8.0",
+    "multimatch": "~2.1.0",
     "through2": "~0.4.0",
-    "underscore": "~1.5.2"
+    "underscore": "~1.5.2",
+    "snyk": "^1.20.0"
   },
   "devDependencies": {
     "gulp-mocha": "~0.4.1",
@@ -35,5 +38,6 @@
   "repository": {
     "type": "git",
     "url": "https://github.com/dylanb/gulp-coverage.git"
-  }
+  },
+  "snyk": true
 }