forked from snyk/cli
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.snyk
36 lines (36 loc) · 1.38 KB
/
.snyk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.25.0
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
SNYK-JS-ANSIREGEX-1583908:
- '*':
reason: Not affecting Snyk CLI. No upgrade path currently available
expires: 2022-02-01T00:00:00.000Z
created: 2021-11-29T17:25:19.200Z
SNYK-JS-LODASHSET-1320032:
- '*':
reason: No upgrade path currently available
expires: 2024-09-13T13:14:22.120Z
created: 2023-09-13T13:14:22.120Z
'snyk:lic:npm:shescape:MPL-2.0':
- '*':
reason: --about lists all dependency licenses which is a requirement of MPL-2.0
expires: 2122-12-14T16:35:38.252Z
created: 2022-11-14T16:35:38.260Z
SNYK-JS-BRACES-6838727:
- '*':
reason: Direct usage within Snyk CLI are not using vulnerable function
expires: 2024-08-13T04:12:20.523Z
created: 2024-05-14T04:12:20.531Z
SNYK-JS-MICROMATCH-6838728:
- '*':
reason: Direct usage within Snyk CLI are not using vulnerable function
expires: 2024-08-13T04:12:20.523Z
created: 2024-05-14T04:12:20.531Z
patch: {}
exclude:
code:
- test/**
# Remove the following line, once we can apply consistent ignores via the Web UIs
- scripts/upgrade-snyk-go-dependencies.go
- release-scripts/write-ls-protocol-version.go