chore: ignore semver vulnerability until Snyk is updated with the new…

… info on the backported fixes
mongodb-js · Jul 11, 2023 · 451a64b · 451a64b
1 parent 12867f1
commit 451a64b
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.snyk b/.snyk
@@ -1,6 +1,12 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.12.0
-ignore: {}
+version: v1.25.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JS-SEMVER-3247795:
+    - '*':
+        reason: "Security patches released for semver 5.x (5.7.2) and 6.x (6.3.1) are not yet known to Snyk which is why we would like to ignore this vulnerability until the mentioned expiry."
+        expires: 2023-08-10T12:28:31.048Z
+        created: 2023-07-11T12:28:31.057Z
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   'npm:ms:20170412':