# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.12.0
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
  'npm:braces:20180219':
    - '*':
        reason: Patch/update unavailable
        expires: 2018-12-31T00:00:00.000Z
  'npm:chownr:20180731':
    - '*':
        reason: Patch/update unavailable
        expires: '2018-12-31T00:00:00.000Z'
  'npm:base64url:20180511':
    - renovate > docker-registry-client > base64url:
        reason: Patch/update unavailable
        expires: '2018-12-31T00:00:00.000Z'
    - renovate > docker-registry-client > jws > base64url:
        reason: Patch/update unavailable
        expires: '2018-12-31T00:00:00.000Z'
  'npm:mem:20180117':
    - renovate > npm > libnpx > yargs > os-locale > mem:
        reason: Patch/update unavailable
        expires: '2018-12-31T00:00:00.000Z'
  'npm:tough-cookie:20170905':
    - renovate > docker-registry-client > tough-cookie:
        reason: Patch/update unavailable
        expires: '2018-12-31T00:00:00.000Z'
# patches apply the minimum changes required to fix a vulnerability
patch:
  'npm:lodash:20180130':
    - renovate > docker-registry-client > restify-clients > restify-errors > lodash:
        patched: '2018-10-27T00:00:00.000Z'
    - renovate > docker-registry-client > restify-errors > lodash:
        patched: '2018-10-27T00:00:00.000Z'
  'npm:tough-cookie:20160722':
    - renovate > docker-registry-client > tough-cookie:
        patched: '2018-10-27T00:00:00.000Z'