diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl index 0e192490d80..c82d9b69a4e 100644 --- a/.release/security-scan.hcl +++ b/.release/security-scan.hcl @@ -23,4 +23,14 @@ binary { all = true skip_path_strings = ["/website/content/"] } + + # Triage items that are _safe_ to ignore here. Note that this list should be + # periodically cleaned up to remove items that are no longer found by the scanner. + triage { + suppress { + vulnerabilities = [ + "GO-2022-0635", // github.com/aws/aws-sdk-go@v1.55.5 TODO(dduzgun-security): remove when deps is resolved + ] + } + } }