External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 15:02:05 -03:30
Code Issues Packages Projects Releases Wiki Activity
keycloak/distribution/maven-plugins/osv-scanner.toml
Bruno Oliveira da Silva 9bfa4cd138 Supress the false positives reported by scorecards 
Closes #37499

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2025-02-19 16:16:56 -03:00

11 lines
499 B
TOML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Ignore false positives for https://securityscorecards.dev/viewer/?uri=github.com/keycloak/keycloak
# Suppress TestNG alert:
# - TestNG is brought in as a transitive dependency via groovy-testng.
# - Test dependencies are not included in the server distribution.
# - The latest groovy-testng version doesn't address the CVE.
[[IgnoredVulns]]
id = "GHSA-rc2q-x9mf-w3vf"
reason = "suppressed because TestNG, a transitive dependency from groovy-testng, isnt included in the server distribution."
Reference in New Issue View Git Blame Copy Permalink