diff --git a/.snyk b/.snyk
new file mode 100644
index 00000000000000..f812a2b3151909
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,26 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.19.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ 'npm:hawk:20160119':
+ - yui > request > hawk:
+ patched: '2020-11-13T19:25:51.329Z'
+ 'npm:http-signature:20150122':
+ - yui > request > http-signature:
+ patched: '2020-11-13T19:25:51.329Z'
+ 'npm:lodash:20180130':
+ - thundercats > stampit > lodash:
+ patched: '2020-11-13T19:25:51.329Z'
+ 'npm:mime:20170907':
+ - yui > request > form-data > mime:
+ patched: '2020-11-13T19:25:51.329Z'
+ 'npm:request:20160119':
+ - yui > request:
+ patched: '2020-11-13T19:25:51.329Z'
+ 'npm:tunnel-agent:20170305':
+ - yui > request > tunnel-agent:
+ patched: '2020-11-13T19:25:51.329Z'
+ 'npm:uglify-js:20151024':
+ - jade > transformers > uglify-js:
+ patched: '2020-11-13T19:25:51.329Z'
diff --git a/package.json b/package.json
index a7dbe97d44bab2..62e7fdabe421f6 100644
--- a/package.json
+++ b/package.json
@@ -11,7 +11,9 @@
 "prestart-production": "bower cache clean && bower install && gulp build && npm run build-production",
 "start-production": "node pm2Start",
 "lint": "eslint --ext=.js,.jsx .",
- "test": "mocha"
+ "test": "mocha",
+ "snyk-protect": "snyk protect",
+ "prepublish": "npm run snyk-protect"
 },
 "license": "(BSD-3-Clause AND CC-BY-SA-4.0)",
 "contributors": [
@@ -25,7 +27,7 @@
 }
 ],
 "dependencies": {
- "accepts": "~1.2.5",
+ "accepts": "~1.3.3",
 "async": "~0.9.0",
 "babel": "6.0.0",
 "babel-core": "6.10.4",
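Review bot: The seven patches declared in `.snyk` take effect only if the `prepublish` hook added in the scripts hunk actually runs in the deploy path, and npm has deprecated `prepublish` in favour of `prepare`. The `prestart-production` script visible in the same hunk does not call `snyk-protect` itself, so an install that skips the hook would start the server on the unpatched `yui > request` and `jade > transformers > uglify-js` copies without any error. I would register the hook as `"prepare": "npm run snyk-protect"` and confirm in the deployment log that `snyk protect` reports the patches as applied.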
@@ -33,46 +35,46 @@
 "bcrypt-nodejs": "~0.0.3",
 "body-parser": "^1.13.2",
 "chai-jquery": "~2.0.0",
- "cheerio": "~0.18.0",
+ "cheerio": "~0.20.0",
 "classnames": "^2.1.2",
 "clockwork": "~0.1.1",
- "compression": "~1.2.1",
- "connect-mongo": "~0.7.0",
+ "compression": "~1.7.1",
+ "connect-mongo": "~3.0.0",
 "cookie-parser": "~1.3.3",
 "csso": "~1.3.11",
 "dateformat": "~1.0.11",
- "debug": "~2.1.0",
+ "debug": "~2.6.9",
 "dotenv": "~0.4.0",
- "errorhandler": "~1.3.0",
- "express": "~4.10.4",
+ "errorhandler": "~1.4.3",
+ "express": "~4.16.0",
 "express-flash": "~0.0.2",
- "express-session": "~1.9.2",
- "express-state": "^1.2.0",
- "express-validator": "~2.8.0",
+ "express-session": "~1.15.6",
+ "express-state": "^2.0.0",
+ "express-validator": "~2.20.4",
 "fetchr": "^0.5.12",
 "font-awesome": "~4.3.0",
 "forever": "~2.0.0",
 "frameguard": "^0.2.2",
 "github-api": "~0.7.0",
- "gulp-less": "^3.0.3",
+ "gulp-less": "^4.0.0",
 "gulp-minify-css": "~0.5.1",
 "gulp-webpack": "^1.5.0",
- "helmet": "~0.9.0",
+ "helmet": "~3.8.2",
 "helmet-csp": "^0.2.3",
 "jade": "~1.8.0",
 "json-loader": "^0.5.2",
- "less": "~1.7.5",
+ "less": "~2.1.0",
 "less-middleware": "~2.0.1",
- "lodash": "^3.9.3",
+ "lodash": "^4.17.20",
 "loopback": "https://github.com/FreeCodeCamp/loopback.git#fix/no-password",
 "loopback-boot": "^2.8.0",
 "loopback-component-passport": "1.4.0",
- "loopback-connector-mongodb": "^1.10.0",
+ "loopback-connector-mongodb": "^3.6.0",
 "lusca": "~1.0.2",
 "method-override": "~2.3.0",
- "moment": "~2.10.2",
- "mongodb": "^2.0.33",
- "morgan": "~1.5.0",
+ "moment": "~2.19.3",
+ "mongodb": "^3.1.13",
+ "morgan": "~1.9.1",
 "node-libs-browser": "^0.5.2",
 "node-slack": "0.0.7",
 "node-uuid": "^1.4.3",
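Review bot: Several bumps in this hunk cross major versions of packages that carry security behaviour (`helmet` ~0.9.0 to ~3.8.2, `connect-mongo` ~0.7.0 to ~3.0.0, `mongodb` ^2 to ^3, `lodash` ^3 to ^4), and no call-site changes are visible in this diff. The same applies to `sanitize-html` ~1.6.1 to ~2.0.0 and `validator` ~3.22.1 to ~5.0.0 in the `@@ -87,22 +89,23 @@` hunk, which sit on the input-handling path. `helmet-csp` ^0.2.3 and `frameguard` ^0.2.2 stay as separate direct dependencies at their old ranges, so the headers the server emits after the upgrade should be verified rather than assumed. Before merging I would add a `supertest` case asserting the expected security headers and the sanitiser output for a known-bad fixture, and split the major bumps from the patch-level ones so a regression can be bisected.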
@@ -87,22 +89,23 @@
 "passport-twitter": "^1.0.3",
 "pmx": "^0.3.16",
 "ramda": "~0.10.0",
- "react": "^0.13.3",
+ "react": "^0.14.0",
 "react-bootstrap": "^0.23.7",
 "react-motion": "~0.1.0",
 "react-router": "https://github.com/BerkeleyTrue/react-router#freecodecamp",
 "react-vimeo": "^0.0.3",
- "request": "~2.53.0",
+ "request": "~2.82.0",
 "rx": "^2.5.3",
- "sanitize-html": "~1.6.1",
+ "sanitize-html": "~2.0.0",
 "source-map-support": "^0.3.2",
 "thundercats": "^2.1.0",
 "thundercats-react": "^0.1.0",
 "twit": "~1.1.20",
- "uglify-js": "~2.4.15",
- "validator": "~3.22.1",
- "webpack": "^1.9.12",
- "yui": "~3.18.1"
+ "uglify-js": "~2.6.0",
+ "validator": "~5.0.0",
+ "webpack": "^2.2.0",
+ "yui": "~3.18.1",
+ "snyk": "^1.426.0"
 },
 "devDependencies": {
 "babel-eslint": "^3.1.7",
@@ -127,5 +130,6 @@
 "multiline": "~1.0.1",
 "supertest": "~0.15.0",
 "vinyl-source-stream": "^1.1.0"
- }
+ },
+ "snyk": true
 }
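Review bot: `"snyk": "^1.426.0"` is added to runtime `dependencies` with a caret range, so each install may resolve a different 1.x release of a tool that is run from a lifecycle hook and modifies files under `node_modules`. No lockfile is visible in this diff; if the project does not commit one, I would pin the version exactly, `"snyk": "1.426.0"`, and upgrade it deliberately. `yui` stays at `~3.18.1`, which is the root of five of the seven patched paths in `.snyk`, so those findings remain dependent on the patch step rather than being fixed by an upgrade.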