🔒 Ignore tar vuln for 30 days

See reason/explanation in snyk policy file.
GitSquared · Apr 18, 2019 · 84fc7c2 · 84fc7c2
1 parent db27440
commit 84fc7c2
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/.snyk b/.snyk
@@ -1,6 +1,13 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.13.5
-ignore: {}
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JS-TAR-174125:
+    - electron-rebuild > node-gyp > tar:
+        reason: >-
+          Only affecting build system, and we trust upstream electron tar
+          archives.
+        expires: '2019-05-18T15:26:53.522Z'
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   'npm:hoek:20180212':