# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.7.1
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
ignore:
  'npm:parsejson:20170908':
    - socket.io > socket.io-client > engine.io-client > parsejson:
        reason: Cannot fix right now
        expires: '2017-10-27T13:18:19.941Z'
# patches apply the minimum changes required to fix a vulnerability
patch:
  'npm:negotiator:20160616':
    - socket.io > engine.io > accepts > negotiator:
        patched: '2016-10-05T20:19:08.338Z'
  'npm:ws:20160624':
    - socket.io > socket.io-client > engine.io-client > ws:
        patched: '2016-10-05T20:19:08.338Z'
    - socket.io > engine.io > ws:
        patched: '2016-10-05T20:19:08.338Z'