23 lines
967 B
Plaintext
23 lines
967 B
Plaintext
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
|
|
version: v1.25.0
|
|
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
|
|
ignore:
|
|
SNYK-JAVA-ORGJETBRAINSKOTLIN-2393744:
|
|
- '*':
|
|
reason: >-
|
|
This vulnerability relates to information exposure via creation of
|
|
temporary files (via Kotlin functions) with insecure permissions.
|
|
Corda does not use any of the vulnerable functions so it is not
|
|
susceptible to this vulnerability
|
|
expires: 2023-06-19T17:15:26.836Z
|
|
created: 2023-02-02T17:15:26.839Z
|
|
SNYK-JAVA-ORGJETBRAINSKOTLIN-2628385:
|
|
- '*':
|
|
reason: >-
|
|
corda-simulator-runtime is a testRuntimeOnly dependency, as such this
|
|
dependency will not be included in any cordaApp produced by the CSDE
|
|
project Template
|
|
expires: 2023-06-19T17:16:00.009Z
|
|
created: 2023-02-02T17:16:00.016Z
|
|
patch: {}
|