Skip to content

Commit

Permalink
ci: allowlisting for GMS-2021-101
Browse files Browse the repository at this point in the history 
Trivy currently finds the GMS-2021-101 vulnerability in every pipeline run. This vulnerability is introduced through a package used by cosign that in turn however pins to a version of the package in which the vulnerability is fixed. Thus this is a false-positive and is therefore allowlisted.
  • Loading branch information
@phbelitz
phbelitz committed Jan 21, 2022
1 parent a9e0e31 commit 29a27a5
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions .trivyignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
GMS-2021-101

0 comments on commit 29a27a5

Please sign in to comment.