Skip to content

Commit

Permalink
Merge pull request OpenMDAO#2734 from swryan/gitpython
Browse files Browse the repository at this point in the history
Temporarily ignore GitPython vulnerability in audit
  • Loading branch information
swryan authored Dec 16, 2022
2 parents 785c481 + c059ec4 commit af8f73e
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/openmdao_audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -120,13 +120,13 @@ jobs:
echo "found in the Python Packaging Advisory Database"
echo "(Temporarily ignoring PYSEC-2022-237 in mistune, required by nbconvert)"
echo "======================================================================="
python -m pip_audit -s pypi --ignore-vuln PYSEC-2022-237
python -m pip_audit -s pypi --ignore-vuln PYSEC-2022-237 --ignore-vuln GHSA-hcpj-qp55-gfph
echo "======================================================================="
echo "Scan environment for packages with known vulnerabilities"
echo "found in the Open Source Vulnerability database"
echo "======================================================================="
python -m pip_audit -s osv
python -m pip_audit -s osv --ignore-vuln GHSA-hcpj-qp55-gfph
- name: Notify slack
uses: act10ns/slack@v1.6.0
Expand Down

0 comments on commit af8f73e

Please sign in to comment.