mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-26 08:10:20 +00:00
ci: allow CVE-2019-11255 in Kubernetes module dependency
It is unclear how a module for utility functions can have the same problem as a separate side-car that is expected to do the input validation. The side-cars have been fixed already, no further details are in the CVE description (from 2019). See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4 Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
parent
30da273e5e
commit
ce26b0e212
2
.github/workflows/dependency-review.yaml
vendored
2
.github/workflows/dependency-review.yaml
vendored
@ -18,3 +18,5 @@ jobs:
|
|||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
- name: 'Dependency Review'
|
- name: 'Dependency Review'
|
||||||
uses: actions/dependency-review-action@v3
|
uses: actions/dependency-review-action@v3
|
||||||
|
with:
|
||||||
|
allow-ghsas: GHSA-f4w6-3rh6-6q4q
|
||||||
|
Loading…
Reference in New Issue
Block a user