From e9248111b3299b93418457c719fad86b10905f6a Mon Sep 17 00:00:00 2001
From: staticdev <thiagocavila@gmail.com>
Date: Wed, 3 Feb 2021 19:30:55 +0100
Subject: [PATCH] Ignore CVE-2020-28476 affecting tornado

---
 noxfile.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/noxfile.py b/noxfile.py
index 936141b..fcdaebd 100644
--- a/noxfile.py
+++ b/noxfile.py
@@ -99,7 +99,9 @@ def safety(session: Session) -> None:
     """Scan dependencies for insecure packages."""
     session.install("safety")
     requirements = nox_poetry.export_requirements(session)
-    session.run("safety", "check", f"--file={requirements}", "--bare")
+    # Ignore CVE-2020-28476 affecting all versions of tornado
+    # https://github.com/tornadoweb/tornado/issues/2981
+    session.run("safety", "check", f"--file={requirements}", "--bare", "--ignore=39462")
 
 
 @nox.session(python=python_versions)