-
Notifications
You must be signed in to change notification settings - Fork 106
Expand file tree
/
Copy path.snyk
More file actions
25 lines (21 loc) · 1.26 KB
/
.snyk
File metadata and controls
25 lines (21 loc) · 1.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# References:
# https://docs.snyk.io/scan-applications/snyk-code/using-snyk-code-from-the-cli/excluding-directories-and-files-from-the-snyk-code-cli-test
# https://docs.snyk.io/snyk-cli/commands/ignore
# used for byte compression decompression validation
# Path: pkg/cache/compressed/cache.go, line 77
# Info: The MD5 hash (used in crypto.md5.Sum) is insecure. Consider changing it to a secure hash algorithm
# Returns warning message from release controller
# Path: sippy-ng/src/releases/ReleaseOverview.js, line 110
#Info: Unsanitized input from a React useState value flows into __html, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).
# Path: sippy-ng/src/component_readiness/JobArtifactQuery.js, line 789
# Info: Unsanitized input from a React useState value flows into window.open, where it is used as input for request redirection. This may result in an Open Redirect vulnerability.
exclude:
global:
- vendor/**
- "**/*_test.go"
- gen-resolved-issue.py
- pkg/cache/compressed/cache.go
- sippy-ng/src/prow_job_runs/IntervalsChart.js
- sippy-ng/src/releases/ReleaseOverview.js
- sippy-ng/src/components/Laundry.js
- scripts/add-intentional-regression.py