From d79a4c0c76f66180f7c9d2407d8e58dde312f0e9 Mon Sep 17 00:00:00 2001 From: Connor Yoh Date: Mon, 21 Jul 2025 12:01:43 +0100 Subject: [PATCH] Added ignore for accepted vulnerability --- .github/config/dependency-review-config.yml | 1 + .github/workflows/dependency-review.yml | 2 ++ 2 files changed, 3 insertions(+) create mode 100644 .github/config/dependency-review-config.yml diff --git a/.github/config/dependency-review-config.yml b/.github/config/dependency-review-config.yml new file mode 100644 index 000000000..5df58cdb9 --- /dev/null +++ b/.github/config/dependency-review-config.yml @@ -0,0 +1 @@ +allow-ghsas: GHSA-wrw7-89jp-8q8g \ No newline at end of file diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 154b6bdae..9d697e98f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -25,3 +25,5 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: "Dependency Review" uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 + with: + config-file: './.github/config/dependency-review-config.yml'