ci: OSV scanner override (#13099)

* chore: ignore osv-scanner vulns not exploitable in Argo CD

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* fix linebreak

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

---------

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Justin Marquis
2023-04-04 08:54:10 -07:00
committed by GitHub
parent f738b800fe
commit a0e47e5f80
2 changed files with 18 additions and 0 deletions

15
ui-test/osv-scanner.toml Normal file

@@ -0,0 +1,15 @@
[[IgnoredVulns]]
id = "GHSA-93q8-gq69-wqmw"
reason = "CVE-2021-3807 Code is only run client-side in the swagger-ui endpoint. No risk of server-side DoS."
[[IgnoredVulns]]
id = "GHSA-36fh-84j7-cv5h"
reason = "Used in testing, does not affect a release"
[[IgnoredVulns]]
id = "GHSA-f8q6-p94x-37v3"
reason = "Used in testing, does not affect a release"
[[IgnoredVulns]]
id = "GHSA-qrpm-p2h7-hrv2"
reason = "Used in testing, does not affect a release"
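Review bot: The entries for GHSA-36fh-84j7-cv5h, GHSA-f8q6-p94x-37v3 and GHSA-qrpm-p2h7-hrv2 share the reason "Used in testing, does not affect a release", which names neither the affected package nor the CVE, so a later reader cannot verify the claim without looking each advisory up again. Naming them the way the first entry does would help, for example `reason = "<CVE id> in <package>: test-only dependency, not shipped in a release"`. None of the entries here or in ui/osv-scanner.toml expires, so each advisory stays suppressed even if the package later becomes reachable from shipped code. osv-scanner accepts an `ignoreUntil` date per entry, e.g. `ignoreUntil = 2023-10-04` (constructed example date), which forces the justification to be re-evaluated.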

3
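--- a/ui/osv-scanner.toml
+++ b/ui/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[IgnoredVulns]]
+id = "GHSA-93q8-gq69-wqmw"
+reason = "CVE-2021-3807 Code is only run client-side in the swagger-ui endpoint. No risk of server-side DoS."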
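Review bot: The reason is a reachability argument (the code runs only client-side in the swagger-ui endpoint), but the entry does not record which dependency pulls the advisory in, so the claim cannot be rechecked when the dependency tree changes. A comment above the entry would capture that, for example `# Pulled in via <dependency path>; re-check if it becomes reachable from server-side or build tooling`. The identical text is also used in ui-test/osv-scanner.toml, where it is worth confirming that the swagger-ui argument, rather than a test-only one, is what applies to that package tree.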