# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.13.5
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
  SNYK-JS-MINIMIST-559764:
    - '*':
        reason: Update/patch unavailable
        expires: '2020-06-30T00:00:00.000Z'
  SNYK-JS-DOTPROP-543489:
    - '*':
        reason: Update/patch unavailable
        expires: '2020-06-30T00:00:00.000Z'
  SNYK-JS-YARGSPARSER-560381:
    - '*':
        reason: Update/patch unavailable
        expires: '2020-06-30T00:00:00.000Z'
  SNYK-JS-MARKDOWN-560793:
    - '*':
        reason: Update/patch unavailable
        expires: '2020-06-30T00:00:00.000Z'
# patches apply the minimum changes required to fix a vulnerability
patch:
  SNYK-JS-LODASH-567746:
    - hexo > lodash:
        patched: '2020-05-04T00:00:00.000Z'
      renovate > lodash:
        patched: '2020-05-04T00:00:00.000Z'
      renovate > @snyk/ruby-semver > lodash:
        patched: '2020-05-15T00:00:00.000Z'
      lodash:
        patched: '2020-06-22T00:00:00.000Z'