-
Notifications
You must be signed in to change notification settings - Fork 9
/
.snyk
41 lines (41 loc) · 1.82 KB
/
.snyk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.25.0
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
SNYK-JAVA-ORGJETBRAINSKOTLIN-2393744:
- '*':
reason: >-
This vulnerability relates to information exposure via creation of
temporary files via Kotlin functions with insecure permissions. Corda
does not use any of the vulnerable functions so it not susceptible to
this vulnerability.
expires: 2025-11-18T13:28:02.597Z
created: 2022-09-22T10:40:55.995Z
SNYK-JAVA-COMFASTERXMLWOODSTOX-3091135:
- '*':
reason: >-
Corda5 Shippable artifacts do not make use of dokka-core, which is
where this dependency originates, this is used at compile / build time
only for Kdoc generation and not shipped in any of our releasable
artifacts.
expires: 2025-11-19T10:40:55.991Z
created: 2023-03-20T13:28:02.597Z
SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538:
- '*':
reason: >-
Corda5 Shippable artifacts do not make use of dokka-core, which is
where this dependency originates, this is used at compile / build time
only for Kdoc generation and not shipped in any of our releasable
artifacts.
expires: 2025-11-18T13:28:02.597Z
created: 2024-11-18T13:28:02.597Z
SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426:
- '*':
reason: >-
Corda5 Shippable artifacts do not make use of dokka-core, which is
where this dependency originates, this is used at compile / build time
only for Kdoc generation and not shipped in any of our releasable
artifacts.
expires: 2025-06-19T10:40:55.991Z
created: 2022-12-20T10:40:55.995Z
patch: {}