From 1661a4ecc76fee3ff86d8d8f5d3c91728b333662 Mon Sep 17 00:00:00 2001 From: Bruno Oliveira da Silva Date: Wed, 13 Apr 2022 09:28:32 -0300 Subject: [PATCH] Suppress Snyk warnings about WildFly Elytron Resolves #11277 --- .github/snyk/.snyk | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/snyk/.snyk b/.github/snyk/.snyk index d23ea685d9..d04fa97e75 100644 --- a/.github/snyk/.snyk +++ b/.github/snyk/.snyk @@ -28,6 +28,16 @@ ignore: The expiry date was set as a reminder for us to upgrade, once they provide the fix. expires: 2022-05-31T00:00:00.000Z + SNYK-JAVA-ORGWILDFLYSECURITY-1316682: + - "*": + reason: > + WildFly Elytron was upgraded and Keycloak is no longer affected + by CVE-2021-3642. The issue was fixed on Elytron 1.10.14.Final, + 1.15.5.Final and 1.16.1.Final last year. More details: + - https://issues.redhat.com/browse/ELY-2147 + - https://nvd.nist.gov/vuln/detail/CVE-2021-3642 + - https://github.com/keycloak/keycloak/pull/11250 + - https://github.com/keycloak/keycloak/pull/11197 # License warnings snyk:lic:maven:org.eclipse.sisu:org.eclipse.sisu.plexus:EPL-1.0:
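Review bot: The new `SNYK-JAVA-ORGWILDFLYSECURITY-1316682` entry has no `expires` field and is scoped to `"*"`, so the ignore never lapses and applies to every dependency path. The preceding entry in the same hunk carries `expires: 2022-05-31T00:00:00.000Z` as a reminder to revisit it; I would add an `expires:` date here too, so the suppression gets re-evaluated instead of silently masking a later Elytron downgrade or a transitive path that still resolves a version older than 1.10.14.Final, 1.15.5.Final or 1.16.1.Final. The reason text says Keycloak is no longer affected after the upgrade, which raises the question of why Snyk still reports the issue: if a specific module or path is still flagged, naming that path in place of `"*"` and stating it in the reason would keep the ignore as narrow as the justification. Minor: the reference URLs sit inside the `>` folded scalar, so depending on their indentation they may be folded into a single line when Snyk renders the reason; a literal `|` scalar would keep them one per line.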