From d8d8574c6d031b700824b81614bed9617845f35e Mon Sep 17 00:00:00 2001 From: Suraj Pai Date: Thu, 13 Jun 2024 03:22:56 +0000 Subject: [PATCH] Update safety policy --- .safety-policy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.safety-policy.yml b/.safety-policy.yml index facc5cc3..c21c3c95 100644 --- a/.safety-policy.yml +++ b/.safety-policy.yml @@ -8,10 +8,10 @@ security: # configuration for the `safety check` command ignore-cvss-unknown-severity: False # True or False. We recommend you set this to False. ignore-vulnerabilities: # Here you can list multiple specific vulnerabilities you want to ignore (optionally for a time period) # We recommend making use of the optional `reason` and `expires` keys for each vulnerability that you ignore. - 51457: # Example vulnerability ID - reason: 'This is a dependency of pytest-htnk, look here for more info:https://github.com/pytest-dev/pytest-html/issues/350' # optional, for internal note purposes to communicate with your team. This reason will be reported in the Safety reports - expires: '2023-12-31' # datetime string - date this ignore will expire, best practice to use this variable - continue-on-vulnerability-error: False # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities. We recommend you set this to False. + 70612: + reason: "https://data.safetycli.com/v/70612/97c/" + expires: '2025-12-31' # datetime string - date this ignore will expire, best practice to use this variable + continue-on-vulnerability-error: True # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities. We recommend you set this to False. alert: # configuration for the `safety alert` command security: # Configuration specific to Safety's GitHub Issue alerting