forked from GSA/data.gov
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.snyk
39 lines (35 loc) · 1.29 KB
/
.snyk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.13.5
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
SNYK-PYTHON-ANSIBLE-536475:
- '*':
reason: >-
solaris_zone module is not used, fix requires ansible 2.9
https://github.com/gsa/datagov-deploy/issues/893
expires: 2021-06-11T00:00:00.000Z
SNYK-PYTHON-ANSIBLE-1297166:
- '*':
reason: >-
Ansible 3.0 upgrade work has a July2021 milestone
https://github.com/GSA/datagov-deploy/issues/893
expires: 2021-06-11T00:00:00.000Z
SNYK-PYTHON-ANSIBLE-1292152:
- '*':
reason: >-
Managed nodes are only accessible to data.gov operators. Risk is
acceptable.
expires: 2021-08-13T06:00:00.000Z
SNYK-PYTHON-ANSIBLE-1292154:
- '*':
reason: >-
Managed nodes are only accessible to data.gov operators. Risk is
acceptable.
expires: 2021-08-13T06:00:00.000Z
SNYK-PYTHON-CRYPTOGRAPHY-1022152:
- '*':
reason: >-
There is no fixed version for cryptography at this time (patch is applied, however)
Only used in trusted environments, so risk is low.
expires: 2021-06-12T06:00:00.000Z
patch: {}