Updates ./install/.snyk to ignore certain vulnerabilities

CMU-17313Q · Nov 3, 2024 · 96fe717 · 96fe717
1 parent bf82a48
commit 96fe717
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/install/.snyk b/install/.snyk
@@ -19,4 +19,14 @@ ignore:
   SNYK-JS-REQUEST-3361831:  # SSRF potential in Request package
     - '*':
         reason: "Not relevant within our application's environment."
-        expires: '2025-12-31T00:00:00Z'
+        expires: '2025-12-31T00:00:00Z'
+
+  SNYK-JS-JQUERYFORM-574783:  # XSS vulnerability in jquery-form
+    - '*':
+        reason: "No alternative available; limited exposure in current usage."
+        expires: '2025-12-31T00:00:00Z'
+
+  SNYK-JS-MARKDOWNIT-6483324:  # Infinite loop vulnerability in markdown-it
+    - '*':
+        reason: "Fixed in newer version, pending update in dependent library."
+        expires: '2025-12-31T00:00:00Z'