chore(safety): ignore GitPython CVEs CVE-2023-{40590,41040}
GitPython is a development-only dependency of Bandit, which will be
obsoleted by #6961.  In the meantime:

- CVE-2023-40590 (Safety 60789) affects Windows, which we don't support.
- CVE-2023-41040 (Safety 60841) is not exploitable for our use of
  GitPython via Bandit.
cfm committed Oct 2, 2023
1 parent 496e6a2 commit f1fbc31
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions Makefile
@@ -167,6 +167,8 @@ safety: ## Run `safety check` to check python dependencies for vulnerabilities.
--ignore 58912 \
--ignore 59473 \
--ignore 60350 \
--ignore 60789 \
--ignore 60841 \
--full-report -r $$req_file \
&& echo -e '\n' \
|| exit 1; \
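Review bot: the justification for the two new entries, `--ignore 60789 \` and `--ignore 60841 \`, lives only in the commit message (Windows-only issue; code path not reachable through Bandit's use of GitPython), while the Makefile list itself is a bare run of Safety IDs, so the next person reading the `safety` target cannot tell which ignores are still warranted. Since the commit message ties both to the planned removal of GitPython in #6961, consider recording that link in the Makefile (for example a comment above the `safety:` target naming the IDs, the reason, and the PR that retires them) so the ignores are dropped together with the dependency instead of outliving the rationale and silently masking a future, genuinely reachable GitPython advisory.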
