From 2e0f3ec2cc50006b4e49deb8675efb7c2e736805 Mon Sep 17 00:00:00 2001 From: Neo2308 Date: Fri, 28 Jun 2024 00:12:58 +0530 Subject: [PATCH] Ignore requests security vulnerability --- images/ansible-operator/Dockerfile | 5 ++++- images/ansible-operator/pipfile.Dockerfile | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/images/ansible-operator/Dockerfile b/images/ansible-operator/Dockerfile index 567e518..259fb00 100644 --- a/images/ansible-operator/Dockerfile +++ b/images/ansible-operator/Dockerfile @@ -30,7 +30,10 @@ RUN set -e && yum clean all && rm -rf /var/cache/yum/* \ # - https://github.com/advisories/GHSA-f6pv-j8mr-w6rr \ # - https://github.com/dbt-labs/dbt-core/issues/10250 \ # - https://data.safetycli.com/v/70612/97c/ \ - && pipenv check --ignore 70612 \ + # NOTE: This ignored vulnerability (71064) was detected in requests, \ + # but the upgraded version doesn't support the use case (protocol we are using).\ + # Ref: https://github.com/operator-framework/ansible-operator-plugins/pull/67#issuecomment-2189164688 + && pipenv check --ignore 70612 --ignore 71064 \ && yum remove -y gcc libffi-devel openssl-devel python39-devel \ && yum clean all \ && rm -rf /var/cache/yum diff --git a/images/ansible-operator/pipfile.Dockerfile b/images/ansible-operator/pipfile.Dockerfile index 091c857..bc2f4a2 100644 --- a/images/ansible-operator/pipfile.Dockerfile +++ b/images/ansible-operator/pipfile.Dockerfile @@ -26,7 +26,10 @@ RUN set -e && yum clean all && rm -rf /var/cache/yum/* \ # - https://github.com/advisories/GHSA-f6pv-j8mr-w6rr \ # - https://github.com/dbt-labs/dbt-core/issues/10250 \ # - https://data.safetycli.com/v/70612/97c/ \ - && pipenv check --ignore 70612 \ + # NOTE: This ignored vulnerability (71064) was detected in requests, \ + # but the upgraded version doesn't support the use case (protocol we are using).\ + # Ref: https://github.com/operator-framework/ansible-operator-plugins/pull/67#issuecomment-2189164688 + && pipenv check --ignore 70612 --ignore 71064 \ && yum remove -y gcc libffi-devel openssl-devel python39-devel \ && yum clean all \ && rm -rf /var/cache/yum