blog/.snyk

# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.13.5
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
  SNYK-JS-LODASHMERGE-173732:
    - hexo > cheerio > lodash.merge:
        reason: Patch/update unavailable
        expires: '2019-12-31T00:00:00.000Z'
  SNYK-JS-LODASHMERGE-173733:
    - hexo > cheerio > lodash.merge:
        reason: Patch/update unavailable
        expires: '2019-12-31T00:00:00.000Z'
  SNYK-JS-SETVALUE-450213:
  # snapdragon > base > cache-base > set-value
    - '*':
        reason: Patch/update unavailable
        expires: '2019-12-31T00:00:00.000Z'
  SNYK-JS-MIXINDEEP-450212:
  # snapdragon > base > mixin-deep
    - '*':
        reason: Patch/update unavailable
        expires: '2019-12-31T00:00:00.000Z'
patch: {}
fix: .snyk & package.json to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/npm:lodash:20180130 - https://snyk.io/vuln/npm:tunnel-agent:20170305 2018-09-24 08:27:53 +00:00			`# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.`
chore: update snyk policy https://snyk.io/vuln/SNYK-JS-MARKED-174116 2019-04-12 03:27:47 +00:00			`version: v1.13.5`
Add snyk to CI Use proper snyk flow https://snyk.io/docs/using-snyk/ 2018-09-25 00:16:25 +00:00			`# ignores vulnerabilities until expiry date; change duration by modifying expiry date`
			`ignore:`
chore: update snyk policy 2019-03-08 10:26:46 +00:00			`SNYK-JS-LODASHMERGE-173732:`
			`- hexo > cheerio > lodash.merge:`
Update snyk policy 2018-09-30 08:31:45 +00:00			`reason: Patch/update unavailable`
chore: update expiry of snyk ignore policy Updated 'renovate' package has fixed vulnerabilities. 2018-12-31 10:56:28 +00:00			`expires: '2019-12-31T00:00:00.000Z'`
chore: update snyk policy 2019-04-05 01:08:40 +00:00			`SNYK-JS-LODASHMERGE-173733:`
			`- hexo > cheerio > lodash.merge:`
			`reason: Patch/update unavailable`
			`expires: '2019-12-31T00:00:00.000Z'`
test(snyk): ignore set-value and mixin-deep * https://snyk.io/vuln/SNYK-JS-SETVALUE-450213 * https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 * Remove braces and marked 2019-06-21 04:09:29 +00:00			`SNYK-JS-SETVALUE-450213:`
test(snyk): mention affected deps 2019-06-22 04:47:45 +00:00			`# snapdragon > base > cache-base > set-value`
test(snyk): ignore set-value and mixin-deep * https://snyk.io/vuln/SNYK-JS-SETVALUE-450213 * https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 * Remove braces and marked 2019-06-21 04:09:29 +00:00			`- '*':`
			`reason: Patch/update unavailable`
			`expires: '2019-12-31T00:00:00.000Z'`
			`SNYK-JS-MIXINDEEP-450212:`
test(snyk): mention affected deps 2019-06-22 04:47:45 +00:00			`# snapdragon > base > mixin-deep`
test(snyk): ignore set-value and mixin-deep * https://snyk.io/vuln/SNYK-JS-SETVALUE-450213 * https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 * Remove braces and marked 2019-06-21 04:09:29 +00:00			`- '*':`
chore: update snyk policy https://snyk.io/vuln/SNYK-JS-MARKED-174116 2019-04-12 03:27:47 +00:00			`reason: Patch/update unavailable`
			`expires: '2019-12-31T00:00:00.000Z'`
chore: update snyk policy 2019-03-08 10:26:46 +00:00			`patch: {}`