-
Notifications
You must be signed in to change notification settings - Fork 49
/
audit-ci.jsonc
24 lines (24 loc) · 1.54 KB
/
audit-ci.jsonc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
{
"$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
// audit-ci supports reading JSON, JSONC, and JSON5 config files.
// Only use one of ["low": true, "moderate": true, "high": true, "critical": true]
"moderate": true,
"allowlist": [ // NOTE: Please add as much information as possible to any items added to the allowList
// Currently no fixes available for the following
"GHSA-v88g-cgmw-v5xw", // widdershins>swagger2openapi>oas-validator>ajv
"GHSA-phwq-j96m-2c2q", // @mojaloop/central-services-shared>shins>ejs
"GHSA-282f-qqgm-c34q", // widdershins>swagger2openapi>better-ajv-errors>jsonpointer
"GHSA-8cf7-32gw-wr33", // @now-ims/hapi-now-auth>jsonwebtoken
"GHSA-hjrf-2m68-5959", // @now-ims/hapi-now-auth>jsonwebtoken
"GHSA-qwph-4952-7xr6", // @now-ims/hapi-now-auth>jsonwebtoken
"GHSA-6vfc-qv3f-vr6c", // widdershins>markdown-it
"GHSA-7fh5-64p2-3v2j", // @mojaloop/central-services-shared>shins>sanitize-html>postcss
"GHSA-mjxr-4v3x-q3m4", // @mojaloop/central-services-shared>shins>sanitize-html
"GHSA-rjqq-98f6-6j3r", // @mojaloop/central-services-shared>shins>sanitize-html
"GHSA-rm97-x556-q36h", // @mojaloop/central-services-shared>shins>sanitize-html
"GHSA-w5p7-h5w8-2hfq", // tap-spec>tap-out>trim
"GHSA-p9pc-299p-vxgp", // widdershins>yargs>yargs-parser
"GHSA-cgfm-xwp7-2cvr", // @mojaloop/central-services-shared>shins>sanitize-html
"GHSA-3xgq-45jj-v275" // High vulnerability https://github.com/advisories/GHSA-3xgq-45jj-v275 ignoring for now since devDependency
]
}