Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set snyk and safety to suppress scrapy vulnerability until 2024-06-01 #128

Closed
schmelz21 opened this issue Mar 26, 2024 · 1 comment
Closed

Set snyk and safety to suppress scrapy vulnerability until 2024-06-01 #128

schmelz21 opened this issue Mar 26, 2024 · 1 comment
Assignees
@schmelz21
Labels
bug This issue or pull request addresses broken functionality github_actions Pull requests that update GitHub Actions code

Comments

@schmelz21
Copy link
Collaborator

schmelz21 commented Mar 26, 2024
edited
Loading

🐛 Summary##

Update safetycli and snyk policy files to suppress vulnerability in scrapy >= 0.7. There is no fix for this vulnerability and it seems we aren't using the vulnerable functions.

See solution applied in old cisagov/crossfeed repository - cisagov/crossfeed#2438
@schmelz21 schmelz21 added bug This issue or pull request addresses broken functionality github_actions Pull requests that update GitHub Actions code labels Mar 26, 2024
@schmelz21 schmelz21 changed the title saftey Set snyk and safety to suppress scrapy vulnerability until 2024-06-01 Mar 26, 2024
@schmelz21
Copy link
Collaborator Author

Fixed - #8

@schmelz21 schmelz21 self-assigned this Apr 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@schmelz21 schmelz21

Labels
bug This issue or pull request addresses broken functionality github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@schmelz21