[Maintenance] Make upstream vulnerabilities not fail the pipe

NoResponseMate · NoResponseMate · commit 7b1a3e54ecd7 · 2025-10-10T11:48:28.000+02:00
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -194,7 +194,9 @@ jobs:
 
             -
                 name: Run security check
-                run: symfony security:check
+                run: |
+                    symfony security:check --disable-exit-code
+                    composer audit --locked
 
             -
                 name: Run ECS
diff --git a/composer.json b/composer.json
@@ -64,6 +64,12 @@
             "symfony/flex": true,
             "symfony/thanks": false,
             "php-http/discovery": true
+        },
+        "audit": {
+            "ignore": [
+                "CVE-2025-31481",
+                "CVE-2025-31485"
+            ]
         }
     },
     "conflict": {

Original file line number	Diff line number	Diff line change
`@@ -194,7 +194,9 @@ jobs:`
`194`	`194`
`195`	`195`	`-`
`196`	`196`	`name: Run security check`
`197`		`- run: symfony security:check`
	`197`	`+ run: \|`
	`198`	`+ symfony security:check --disable-exit-code`
	`199`	`+ composer audit --locked`
`198`	`200`
`199`	`201`	`-`
`200`	`202`	`name: Run ECS`