diff --git a/.snyk b/.snyk
index 99b7055..e3c9828 100644
--- a/.snyk
+++ b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.7.0
+version: v1.12.0
 ignore: {}
 # patches apply the minimum changes required to fix a vulnerability
 patch:
@@ -14,3 +14,8 @@ patch:
   'npm:tough-cookie:20160722':
     - tilelive-vector > request > tough-cookie:
         patched: '2017-02-18T10:10:55.162Z'
+  'npm:tunnel-agent:20170305':
+    - tilelive-vector > request > tunnel-agent:
+        patched: '2018-10-27T04:31:48.827Z'
+    - tilejson > requestretry > request > tunnel-agent:
+        patched: '2018-10-27T04:31:48.827Z'
diff --git a/package.json b/package.json
index 4e2e593..4f0ab3d 100644
--- a/package.json
+++ b/package.json
@@ -6,7 +6,8 @@
   "scripts": {
     "test": "node test/app.js",
     "snyk-protect": "snyk protect",
-    "prepublish": "npm run snyk-protect"
+    "prepublish": "npm run snyk-protect",
+    "prepare": "npm run snyk-protect"
   },
   "bin": {
     "csWeb-tile": "test/run.js"
@@ -40,7 +41,7 @@
     "tilelive-tmstyle": "^0.5.1",
     "tilelive-utfgrid": "^0.2.0",
     "tilelive-vector": "^3.8.0",
-    "snyk": "^1.25.0"
+    "snyk": "^1.105.0"
   },
   "snyk": true
 }