From df70f3100252987aba5d5714ceade423492117b0 Mon Sep 17 00:00:00 2001 From: nargas-ritu <59389071+nargas-ritu@users.noreply.github.com> Date: Wed, 8 Feb 2023 07:29:50 +0000 Subject: [PATCH] NOTICK: Snyk waivers added for Corda5-Beta1 release (#18) --- .snyk | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000..b4f98ac --- /dev/null +++ b/.snyk @@ -0,0 +1,22 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +# ignores vulnerabilities until expiry date; change duration by modifying expiry date +ignore: + SNYK-JAVA-ORGJETBRAINSKOTLIN-2393744: + - '*': + reason: >- + This vulnerability relates to information exposure via creation of + temporary files (via Kotlin functions) with insecure permissions. + Corda does not use any of the vulnerable functions so it is not + susceptible to this vulnerability + expires: 2023-06-19T17:15:26.836Z + created: 2023-02-02T17:15:26.839Z + SNYK-JAVA-ORGJETBRAINSKOTLIN-2628385: + - '*': + reason: >- + corda-simulator-runtime is a testRuntimeOnly dependency, as such this + dependency will not be included in any cordaApp produced by the CSDE + project Template + expires: 2023-06-19T17:16:00.009Z + created: 2023-02-02T17:16:00.016Z +patch: {}
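Review bot: Both entries under `ignore:` use the `'*'` path, so each waiver applies to every dependency path on which the issue is reported, not only the path its reason describes. This matters most for SNYK-JAVA-ORGJETBRAINSKOTLIN-2628385, whose reason rests on corda-simulator-runtime being a testRuntimeOnly dependency: if the same issue is later reported through a different dependency, it stays suppressed until the 2023-06-19 expiry. Consider replacing `'*'` on that entry with the specific dependency path Snyk reports for corda-simulator-runtime, so a finding on any other path is raised again. For SNYK-JAVA-ORGJETBRAINSKOTLIN-2393744, the reason says Corda does not use the vulnerable functions but does not name them or say how that was checked. Listing the functions in the reason would let whoever next touches `expires` re-verify the claim before extending it. The subject is tagged NOTICK, so nothing tracks these waivers other than the expiry dates. A ticket reference in each reason would give the June review an owner.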