This repository has been archived by the owner on Mar 27, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
.snyk
37 lines (37 loc) · 1.78 KB
/
.snyk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
'npm:mem:20180117':
- showdown > yargs > os-locale > mem:
reason: No patch avalible yet and DoS of registry README is not a high risk.
expires: '2018-11-02T17:09:51.357Z'
SNYK-JS-MARKED-451341:
- '*':
reason: >-
We do not use sassdoc-extras Markdown features and trust our SassDoc
input.
expires: 2020-01-01T16:54:13.300Z
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- '@financial-times/health-check > lodash':
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/origami-repo-data-client > lodash':
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/origami-service > lodash':
patched: '2020-05-01T17:29:53.799Z'
- cheerio > lodash:
patched: '2020-05-01T17:29:53.799Z'
- request-promise-native > request-promise-core > lodash:
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/origami-service > @financial-times/express-web-service > lodash':
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/origami-service > next-metrics > lodash':
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/health-check > request-promise-native > request-promise-core > lodash':
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/origami-repo-data-client > request-promise-native > request-promise-core > lodash':
patched: '2020-05-01T17:29:53.799Z'
- '@financial-times/origami-service > request-promise-native > request-promise-core > lodash':
patched: '2020-05-01T17:29:53.799Z'