diff --git a/.snyk b/.snyk
index ac6cadbae6f..5fae0cbb498 100644
--- a/.snyk
+++ b/.snyk
@@ -1,6 +1,23 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.7.1
-ignore: {}
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:ejs:20161128':
+    - ejs-locals > ejs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
+  'npm:ejs:20161130':
+    - ejs-locals > ejs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
+  'npm:ejs:20161130-1':
+    - ejs-locals > ejs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
+  'npm:qs:20170213':
+    - tap > codecov.io > request > qs:
+        reason: None given
+        expires: '2017-06-23T23:25:25.677Z'
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   'npm:hawk:20160119':
diff --git a/package.json b/package.json
index d2705208493..b5fae7293be 100644
--- a/package.json
+++ b/package.json
@@ -15,7 +15,7 @@
     "prepublish": "npm run snyk-protect"
   },
   "dependencies": {
-    "body-parser": "1.17.1",
+    "body-parser": "1.17.2",
     "cookie-parser": "1.3.3",
     "ejs": "2.5.5",
     "ejs-locals": "1.0.2",