From 80d4c488d5c95d9247744b40001998db0f4932b9 Mon Sep 17 00:00:00 2001
From: Jack Kelly <jack@control-plane.io>
Date: Tue, 2 Jan 2024 18:27:48 +0000
Subject: [PATCH] chore: ignore vuln in packers dependencies

Vuln in go-git isn't of risk to this project
---
 .trivy-config/.trivyignore | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.trivy-config/.trivyignore b/.trivy-config/.trivyignore
index 89dd8835..11c06c2d 100644
--- a/.trivy-config/.trivyignore
+++ b/.trivy-config/.trivyignore
@@ -1,5 +1,5 @@
 ## these following are not fixed in the upstream yet, so we are ignoring them for now
-# packer-plugin-amazon_v1.2.8_x5.0_linux_amd64 
+# packer-plugin-amazon_v1.2.8_x5.0_linux_amd64
 # registry.terraform.io/hashicorp/template/2.2.0/linux_amd64/terraform-provider-template_v2.2.0_x4
 CVE-2023-39325
 GHSA-m425-mq94-257g
@@ -22,3 +22,7 @@ CVE-2022-27664
 CVE-2022-41723
 CVE-2021-38561
 CVE-2022-32149
+# packer's dependency go-git
+# packer being non-responsive isn't a worry and responses
+# from github shouldn't be an issue
+CVE-2023-49568