chore: add .snyk file to declaratively ignore irrelevant issues (argo…

…proj#8599) chore: add .snyk file to declaratively ignore irrelevant issues (argoproj#8599) Signed-off-by: Michael Crenshaw <[email protected]>
tkasuz · Mar 10, 2022 · 334521a · 334521a
1 parent 57d822f
commit 334521a
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/.snyk b/.snyk
@@ -0,0 +1,18 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JS-ANSIREGEX-1583908:
+    - '*':
+        reason: >-
+          Code is only run client-side in the swagger-ui endpoint. No risk of
+          server-side DoS.
+  SNYK-CC-K8S-44:
+    - 'manifests/core-install.yaml > *':
+        reason: >-
+          Argo CD needs wide permissions to manage resources.
+    - 'manifests/install.yaml > *':
+        reason: >-
+          Argo CD needs wide permissions to manage resources.
+patch: {}
+
diff --git a/generate-snyk-report.sh b/generate-snyk-report.sh