ci: allow CVE-2019-11255 in Kubernetes module dependency

It is unclear how a module for utility functions can have the same
problem as a separate side-car that is expected to do the input
validation. The side-cars have been fixed already, no further details
are in the CVE description (from 2019).

See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4
Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
Niels de Vos 2023-07-26 08:41:43 +02:00 committed by mergify[bot]
parent 30da273e5e
commit ce26b0e212

View File

@ -18,3 +18,5 @@ jobs:
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: 'Dependency Review' - name: 'Dependency Review'
uses: actions/dependency-review-action@v3 uses: actions/dependency-review-action@v3
with:
allow-ghsas: GHSA-f4w6-3rh6-6q4q