Ignore Jinja2 CVE warning in safety dep (#129)

* Ignore Jinja2 CVE warning in `safety` dep * Specify `--ignore` twice
python · Jun 30, 2024 · c9e3a13 · c9e3a13
1 parent b31e3bd
commit c9e3a13
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -26,5 +26,6 @@ jobs:
           # TODO: remove setuptools installation when safety==2.4.0 is released
           python -m pip install --upgrade safety setuptools
           python -m pip install --editable .
-      # Ignore CVE-2023-5752, we're not using that pip or feature
-      - run: safety check --ignore 62044
+      # Ignore 62044 / CVE-2023-5752, we're not using that pip or feature
+      # Ignore 70612 / CVE-2019-8341, Jinja2 is a safety dep, not ours
+      - run: safety check --ignore 62044 --ignore 70612