
Add protobuf CVE to pip audit ignore list#1818

Merged
mabashian merged 1 commit into main from
mabashian-investigate-pip-audit
Jan 26, 2026

Conversation

@mabashian (Member)

Jira Issue: This PR does not need a corresponding Jira item.


Description

Added GHSA-7gcm-g887-7qv7 to the pip_audit.yml ignore list due to a DoS vulnerability in protobuf's json_format.ParseDict(). This will be removed once a patched version is released.

Testing

Steps to test

  1. Pull down the PR
  2. ...
  3. ...

Type of Change

  • Bug fix (non-breaking change fixing an issue)
  • New feature (non-breaking change adding functionality)
  • Breaking change (fix or feature causing existing functionality to break)
  • Security fix
  • Performance improvement
  • Code refactoring
  • Documentation update
  • CI/CD update

Backport Policy

This change should be:

  • Not backported - main/master only
  • Backported to specific releases (add labels after merge)

Automated Backport Instructions

After this PR is merged, add one or more labels to automatically create backport PRs:

  • backport/stable-2.4 - Backport to stable-2.4 branch
  • backport/stable-2.5 - Backport to stable-2.5 branch
  • backport/stable-2.6 - Backport to stable-2.6 branch
  • backport/all - Backport to all active stable branches
  • no-backport - Explicitly mark as not needing backport

Backport Justification

Special backport considerations:

Scenarios tested

Production deployment

  • This code change is ready for production on its own
  • This code change requires the following considerations before going to production:

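One way to keep a temporary suppression like this one from being forgotten, as an added example that is not the project's own pip_audit.yml or code: a small ignore file that records an expiry date next to each advisory, plus shell functions that turn it into pip-audit's `--ignore-vuln` flags and fail when an entry has outlived its date. The file format, the file name, the expiry date and the presence of pip-audit on the PATH are assumptions.

```shell
#!/bin/sh
# Added example, not code from this project: track temporary pip-audit
# suppressions with an expiry date, so an entry such as GHSA-7gcm-g887-7qv7
# (added only until a patched protobuf ships) is flagged once it goes stale.
#
# Ignore-file format (constructed for this example), one entry per line:
#   <advisory id> <expires YYYY-MM-DD> <reason...>
# Lines starting with '#' and blank lines are ignored.

# Strip comments and blank lines from an ignore file.
_entries() {
    grep -Ev '^[[:space:]]*(#|$)' "$1"
}

# Print the --ignore-vuln flag pip-audit expects, one line per entry, e.g.
#   --ignore-vuln GHSA-7gcm-g887-7qv7
build_ignore_args() {
    _entries "$1" | while read -r id _expires _reason; do
        printf -- '--ignore-vuln %s\n' "$id"
    done
}

# List entries whose expiry date is before $2 (YYYY-MM-DD); dates are
# compared as integers after removing the dashes. Exit status 1 when any
# entry has expired, so CI fails instead of carrying a stale suppression.
expired_ignores() {
    today=$(printf '%s' "$2" | tr -d -)
    found=$(_entries "$1" | while read -r id expires reason; do
        if [ "$(printf '%s' "$expires" | tr -d -)" -lt "$today" ]; then
            printf '%s expired on %s (%s)\n' "$id" "$expires" "$reason"
        fi
    done)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Run pip-audit with the current suppressions, refusing to run while any
# suppression is stale. Assumes pip-audit is installed; not exercised here.
audit_with_ignores() {
    expired_ignores "$1" "$(date +%Y-%m-%d)" || return 1
    # shellcheck disable=SC2046
    pip-audit $(build_ignore_args "$1")
}

# Constructed sample ignore file; the expiry date is an assumed placeholder.
SAMPLE_IGNORES=$(mktemp)
cat >"$SAMPLE_IGNORES" <<'EOF'
# advisory            expires     reason
GHSA-7gcm-g887-7qv7   2026-04-30  protobuf json_format.ParseDict DoS; drop when a patched release is out
EOF
```

Running `audit_with_ignores "$SAMPLE_IGNORES"` from CI on a date past the recorded expiry fails the job before pip-audit is even invoked, which is the prompt to check whether the patched version has landed.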

@mabashian mabashian merged commit 177daf6 into main Jan 26, 2026
10 checks passed
@mabashian mabashian deleted the mabashian-investigate-pip-audit branch January 26, 2026 21:17