fix: ignores vulnerbilities without upgrade paths

Signed-off-by: Chris Potter <chris@reactioncommerce.com>
reactioncommerce · Sep 24, 2019 · 9612d26 · 9612d26
1 parent 4808ec2
commit 9612d26
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/package/.snyk b/package/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:mem:20180117':
+    - libnpx > yargs > os-locale > mem:
+        reason: package cannot be upgraded
+        expires: '2019-10-24T18:15:12.496Z'
+patch: {}