From a4ac2025f4ac10b051ce99078fc01e8407d1c37a Mon Sep 17 00:00:00 2001 From: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com> Date: Tue, 17 Dec 2024 14:56:52 -0500 Subject: [PATCH] sec: suppress osv alert in CRT (#24701) * sec: suppress GO-2022-0635 osv alert in CRT * hclfmt --- .release/security-scan.hcl | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl index 0e192490d80..c82d9b69a4e 100644 --- a/.release/security-scan.hcl +++ b/.release/security-scan.hcl @@ -23,4 +23,14 @@ binary { all = true skip_path_strings = ["/website/content/"] } + + # Triage items that are _safe_ to ignore here. Note that this list should be + # periodically cleaned up to remove items that are no longer found by the scanner. + triage { + suppress { + vulnerabilities = [ + "GO-2022-0635", // github.com/aws/aws-sdk-go@v1.55.5 TODO(dduzgun-security): remove when deps is resolved + ] + } + } }