Skip to content

Commit

Permalink
Backport of security: triage false positive for go-jose/v3 into relea…
Browse files Browse the repository at this point in the history 
…se/1.15.x (#20902)

backport of commit c8d6b25

Co-authored-by: Michael Zalimeni <[email protected]>
  • Loading branch information
@hc-github-team-consul-core @zalimeni
hc-github-team-consul-core and zalimeni authored Mar 26, 2024
1 parent 2a8c9d0 commit 4fc9491
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
11 changes: 11 additions & 0 deletions .release/security-scan.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,4 +68,15 @@ binary {
]
}
}

# Triage items that are _safe_ to ignore here. Note that this list should be
# periodically cleaned up to remove items that are no longer found by the scanner.
triage {
suppress {
# N.b. `vulnerabilites` is the correct spelling for this tool.
vulnerabilites = [
"GO-2024-2631", # go-jose/[email protected] (false positive)
]
}
}
}
11 changes: 11 additions & 0 deletions scan.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,15 @@ repository {
secrets {
all = true
}

# Triage items that are _safe_ to ignore here. Note that this list should be
# periodically cleaned up to remove items that are no longer found by the scanner.
triage {
suppress {
# N.b. `vulnerabilites` is the correct spelling for this tool.
vulnerabilites = [
"GO-2024-2631", # go-jose/[email protected] (false positive)
]
}
}
}

0 comments on commit 4fc9491

Please sign in to comment.