forked from google/osv.dev
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathosv-scanner.toml
More file actions
31 lines (26 loc) · 986 Bytes
/
osv-scanner.toml
File metadata and controls
31 lines (26 loc) · 986 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
[[IgnoredVulns]]
id = "GO-2022-0968"
# ignoreUntil = 2022-11-09 # Optional exception expiry date
reason = "No ssh servers are connected to or hosted in Go lang"
[[IgnoredVulns]]
id = "GO-2022-1059"
# ignoreUntil = 2022-11-09 # Optional exception expiry date
reason = "No external http servers are written in Go lang."
[[IgnoredVulns]]
id = "GO-2022-0356"
# ignoreUntil = 2022-11-09 # Optional exception expiry date
reason = "No ssh servers"
[[IgnoredVulns]]
id = "GO-2022-0969"
# ignoreUntil = 2022-11-09 # Optional exception expiry date
reason = "No external http servers in Go lang."
[[PackageOverrides]]
name = "urllib3"
version = "1.26.20"
ecosystem = "PyPI"
vulnerability.ignore = true
reason = """
Only installed when running with PyPy, and we use CPython only.
The constraint comes from a dev dependency, so it's unlikely to show up in our dependent packages.
See https://github.com/kevin1024/vcrpy/blob/19bd4e012c8fd6970fd7f2af3cc60aed1e5f1ab5/setup.py#L33-L41
"""