audit-ci.jsonc
{
"$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
// audit-ci supports reading JSON, JSONC, and JSON5 config files.
// Severity threshold: set exactly one of "low", "moderate", "high", "critical" to true.
// The audit fails on advisories at that severity or above, so "moderate" still lets
// "low" findings pass.
"moderate": true,
// Advisories listed here are ignored by the audit, so every entry is accepted risk.
// Record the affected package and the reason next to each ID, and re-check the linked
// advisory regularly so the entry is removed as soon as a fixed release can be adopted.
// NOTE(review): audit-ci also documents path-scoped and expiring allowlist entries;
// confirm against the schema above for the version in use and prefer them to bare IDs.
"allowlist": [
// TODO: multer pulls in a vulnerable transitive dependency; remove this entry once
// a multer release without it is in use.
"GHSA-wm7h-9275-46v2", // https://github.com/advisories/GHSA-wm7h-9275-46v2
// jsonwebtoken (JSON Web Token library): recorded as "no fix available" when added.
// NOTE(review): that status goes stale; confirm on the advisory pages whether a
// patched release exists now.
"GHSA-8cf7-32gw-wr33", // https://github.com/advisories/GHSA-8cf7-32gw-wr33
"GHSA-hjrf-2m68-5959", // https://github.com/advisories/GHSA-hjrf-2m68-5959
"GHSA-qwph-4952-7xr6", // https://github.com/advisories/GHSA-qwph-4952-7xr6
// request-promise-native: recorded as "no fix available" when added.
// NOTE(review): if upstream will not ship a fix, the durable remedy is replacing the
// dependency rather than keeping these entries indefinitely.
"GHSA-p8p7-x288-28g6", // https://github.com/advisories/GHSA-p8p7-x288-28g6
"GHSA-72xf-g2v4-qvf3", // https://github.com/advisories/GHSA-72xf-g2v4-qvf3
"GHSA-78xj-cgh5-2h22" // https://github.com/advisories/GHSA-78xj-cgh5-2h22
]
}