sec: suppress osv alert in CRT (#24701)

* sec: suppress GO-2022-0635 osv alert in CRT * hclfmt
hashicorp · Dec 17, 2024 · a4ac202 · a4ac202
1 parent 7746f29
commit a4ac202
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
@@ -23,4 +23,14 @@ binary {
     all               = true
     skip_path_strings = ["/website/content/"]
   }
+
+  # Triage items that are _safe_ to ignore here. Note that this list should be
+  # periodically cleaned up to remove items that are no longer found by the scanner.
+  triage {
+    suppress {
+      vulnerabilities = [
+        "GO-2022-0635", // github.com/aws/[email protected] TODO(dduzgun-security): remove when deps is resolved
+      ]
+    }
+  }
 }