# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. version: v1.25.0 # ignores vulnerabilities until expiry date; change duration by modifying expiry date ignore: # in case snyk wants werkzeug v3, in the future: # we cannot upgrade werkzeug because it breaks connexion # and we can't upgrade connexion because it downgrades werkzeug. # this means we cannot satisfy the snyk requiement to upgrade werkzeug to v3. # we have a ticket to workaround it: # https://github.com/sartography/spiff-arena/issues/592 SNYK-PYTHON-CRYPTOGRAPHY-6050294: - '*': reason: No current resolution expires: 2024-12-15T19:52:08.948Z created: 2023-11-15T19:52:08.954Z SNYK-PYTHON-CRYPTOGRAPHY-6126975: - '*': reason: No current resolution expires: 2024-12-15T19:52:08.948Z created: 2023-12-18T19:52:08.954Z SNYK-PYTHON-CRYPTOGRAPHY-6149518: - '*': reason: None Given expires: 2024-12-15T19:52:08.948Z created: 2024-01-10T17:26:21.936Z patch: {} # when running snyk ignore to ignore issues with "snyk code test" # make sure to EXCLUDE the id option. Otherwise a bad file is created. # # Works: # snyk ignore --file-path=src/spiffworkflow_backend/routes/debug_controller.py # # Des not work: # snyk ignore --file-path=src/spiffworkflow_backend/routes/debug_controller.py --id=whatever # # a single vulnerability cannot be ignored for "snyk code test". Only whole files can be ingored. exclude: global: - src/spiffworkflow_backend/routes/debug_controller.py