Skip to content

Commit

Permalink
Update .safety-policy.yml to suppress scrapy vulnerablility for six m…
Browse files Browse the repository at this point in the history
…onths.
  • Loading branch information
Matthew-Grayson committed Jan 2, 2024
1 parent 739b389 commit 6070ced
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions backend/worker/.safety-policy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ security: # configuration for the `safety check` command
ignore-cvss-unknown-severity: False # True or False. We recommend you set this to False.
ignore-vulnerabilities: # Here you can list multiple specific vulnerabilities you want to ignore (optionally for a time period)
# We recommend making use of the optional `reason` and `expires` keys for each vulnerability that you ignore.
54672: # Vulnerability found in scrapy version 2.9.0
54672: # Vulnerability found in scrapy version >= 0.7
reason: No fix currently available # optional, for internal note purposes to communicate with your team. This reason will be reported in the Safety reports
expires: '2023-11-01' # We will revisit for a fix in 6 months.
expires: '2024-06-01' # We will revisit for a fix in 6 months.
continue-on-vulnerability-error: False # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities. We recommend you set this to False.

0 comments on commit 6070ced

Please sign in to comment.