backstage

1
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
2
version: v1.22.1
3
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
4
ignore:
5
  SNYK-JS-BROWSERSLIST-1090194:
6
    - '*':
7
        reason: Developer tools are not a valid target for ReDoS attacks
8
        expires: 2022-05-20T00:00:00.000Z
9
        created: 2021-11-20T00:00:00.000Z
10

11
  SNYK-JS-IMMER-1540542:
12
    - '*':
13
        reason: Prototype pollution is not an effective attack against a CLI as it already executes arbitrary code
14
        expires: 2022-05-20T00:00:00.000Z
15
        created: 2021-11-20T00:00:00.000Z
16

17
patch: {}
18