Merge pull request #2 from alchen99/snyk-fix-91169c5a

[Snyk] Fix for 5 vulnerable dependency paths
alchen99 · May 24, 2017 · 424f909 · 424f909
2 parents 9ab9582 + 22bcc5a
commit 424f909
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 2 deletions.
diff --git a/.snyk b/.snyk
@@ -1,6 +1,23 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.7.1
-ignore: {}
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:ejs:20161128':
+    - ejs-locals > ejs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
+  'npm:ejs:20161130':
+    - ejs-locals > ejs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
+  'npm:ejs:20161130-1':
+    - ejs-locals > ejs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
+  'npm:qs:20170213':
+    - tap > codecov.io > request > qs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   'npm:hawk:20160119':

diff --git a/package.json b/package.json
@@ -15,7 +15,7 @@
     "prepublish": "npm run snyk-protect"
   },
   "dependencies": {
-    "body-parser": "1.17.1",
+    "body-parser": "1.17.2",
     "cookie-parser": "1.3.3",
     "ejs": "2.5.5",
     "ejs-locals": "1.0.2",