Colton Padden
5919df85d1
Ignores with 6-month duration for vulnerabilities that have also been ignored for @backstage/cli: - SNYK-JS-BROWSERSLIST-1090194 - SNYK-JS-IMMER-1540542 Signed-off-by: Colton Padden <colton.padden@fastmail.com>
18 lines
638 B
Plaintext
18 lines
638 B
Plaintext
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
|
|
version: v1.22.1
|
|
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
|
|
ignore:
|
|
SNYK-JS-BROWSERSLIST-1090194:
|
|
- '*':
|
|
reason: Developer tools are not a valid target for ReDoS attacks
|
|
expires: 2022-05-20T00:00:00.000Z
|
|
created: 2021-11-20T00:00:00.000Z
|
|
|
|
SNYK-JS-IMMER-1540542:
|
|
- '*':
|
|
reason: Prototype pollution is not an effective attack against a CLI as it already executes arbitrary code
|
|
expires: 2022-05-20T00:00:00.000Z
|
|
created: 2021-11-20T00:00:00.000Z
|
|
|
|
patch: {}
|