mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-22 14:20:19 +00:00
ci: allow CVE-2019-11255 in Kubernetes module dependency
It is unclear how a module for utility functions can have the same problem as a separate side-car that is expected to do the input validation. The side-cars have been fixed already, no further details are in the CVE description (from 2019). See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4 Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
Niels de Vos
mergify[bot]
parent
30da273e5e
commit
ce26b0e212
2
.github/workflows/dependency-review.yaml
vendored
2
.github/workflows/dependency-review.yaml
vendored
@ -18,3 +18,5 @@ jobs:
|
||||
uses: actions/checkout@v3
|
||||
- name: 'Dependency Review'
|
||||
uses: actions/dependency-review-action@v3
|
||||
with:
|
||||
allow-ghsas: GHSA-f4w6-3rh6-6q4q
|
||||
|
||||
Loading…
Reference in New Issue
Block a user