fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are ignored: - https://snyk.io/vuln/npm:content-type-parser:20170905 Latest report for ag-gipp/vmext: https://snyk.io/test/github/ag-gipp/vmext
gipplab · Feb 21, 2018 · fe3565c · fe3565c
1 parent abcb9ff
commit fe3565c
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/.snyk b/.snyk
@@ -1,6 +1,11 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.10.1
-ignore: {}
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:content-type-parser:20170905':
+    - jsdom > content-type-parser:
+        reason: None given
+        expires: '2018-03-23T12:44:02.190Z'
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   'npm:minimatch:20160620':

diff --git a/package.json b/package.json
@@ -53,7 +53,7 @@
     "pug": "^2.0.0-rc.4",
     "read-glob-promise": "^2.0.0",
     "serve-favicon": "^2.3.2",
-    "snyk": "^1.61.1",
+    "snyk": "^1.69.7",
     "whatwg-fetch": "^2.0.2",
     "winston": "^2.3.0",
     "winston-daily-rotate-file": "^1.3.1",