From b362da56abaed43d308d17758143dbba3185b012 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 18 Oct 2017 15:49:54 +0000
Subject: [PATCH] fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are ignored:
- https://snyk.io/vuln/npm:marked:20170907
- https://snyk.io/vuln/npm:shelljs:20140723
Latest report for coralproject/talk: https://snyk.io/test/github/coralproject/talk
---
 .snyk | 17 ++++++++++++++++-
 package.json | 2 +-
 2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/.snyk b/.snyk
index 3e46b4ab9..e8c995b60 100644
--- a/.snyk
+++ b/.snyk
@@ -1,6 +1,21 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.7.1
-ignore: {}
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ 'npm:marked:20170907':
+ - marked:
+ reason: None given
+ expires: '2017-11-17T15:49:54.237Z'
+ - graphql-docs > marked:
+ reason: None given
+ expires: '2017-11-17T15:49:54.237Z'
+ - simplemde > marked:
+ reason: None given
+ expires: '2017-11-17T15:49:54.237Z'
+ 'npm:shelljs:20140723':
+ - react-mdl-selectfield > @kadira/storybook-deployer > shelljs:
+ reason: None given
+ expires: '2017-11-17T15:49:54.237Z'
 # patches apply the minimum changes required to fix a vulnerability
 patch:
 'npm:marked:20170112':
diff --git a/package.json b/package.json
index 6743b8a09..2d08086ab 100644
--- a/package.json
+++ b/package.json
@@ -186,7 +186,7 @@
 "webpack-sources": "^1.0.1",
 "yaml-loader": "^0.4.0",
 "yamljs": "^0.2.10",
- "snyk": "^1.42.5"
+ "snyk": "^1.43.0"
 },
 "devDependencies": {
 "@coralproject/eslint-config-talk": "^0.0.4",
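Review bot: All four ignore entries added in the `.snyk` hunk carry `reason: None given`, so the policy file suppresses `npm:marked:20170907` and `npm:shelljs:20140723` without recording why that is acceptable. Each entry should state its justification, for example `reason: <no fixed release available; input reaching this path is trusted because ...>` (placeholder wording), so that a reviewer can tell an assessed risk from a silenced alert. The first entry ignores the bare `marked` path, which looks like a direct dependency; if so, it is worth confirming that no upgrade or patch is available before ignoring it, since the transitive paths are harder to fix than a direct one. The ignores lapse on the shared `expires` date of 2017-11-17, so it would help to note who re-evaluates them then; otherwise the findings simply reappear and may be re-ignored by the next automated PR.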