Open cobya opened 2 months ago
For our OpenSSF Scorecard, we are consistently flagged for vulnerabilities in code which does not build but are used in our verification tests. Using the documentation at https://google.github.io/osv-scanner/configuration/ we should add exclusions for the detected vulnerabilities.
### Tasks - [ ] cocoapods - [ ] co - [ ] conda - [ ] docker - [ ] go - [ ] gradle - [ ] ivy - [ ] maven - [ ] npm - [ ] nuget - [ ] pip - [ ] pnpm - [ ] poetry - [ ] ruby - [ ] rust - [ ] spd - [ ] vcpkg
For our OpenSSF Scorecard, we are consistently flagged for vulnerabilities in code which does not build but are used in our verification tests. Using the documentation at https://google.github.io/osv-scanner/configuration/ we should add exclusions for the detected vulnerabilities.