Hans-Christoph Steiner
ef247bc97a
safety: make CVE-2024-5569 just a warning
...
We get these packages from Debian, zipp is not used in production, and its
only a DoS.
2024-09-04 13:38:44 +00:00
Hans-Christoph Steiner
6e489b78b3
safety: ignore false positive
...
jinja2 is not used by fdroidserver, nor any dependencies I could find via
debtree and pipdeptree.
2024-06-07 12:04:12 +02:00
Hans-Christoph Steiner
6bebd8b160
safety: ignore CVE-2018-20225, should never affect fdroidserver
...
https://data.safetycli.com/v/67599/97c
2024-05-13 10:33:37 +02:00
Hans-Christoph Steiner
b36153b06c
safety: ignore CVE-2024-22190 it only affects Windows
...
https://security-tracker.debian.org/tracker/CVE-2024-22190
2024-02-14 17:46:12 +01:00
Michael Pöhn
ac2a3896aa
🩹 fix bandit warning
...
F-Droid server doesn't fetch pip dependencies directly from mercurial/hg
repositories. So https://data.safetycli.com/v/62044/f17/ is not
affecting us. Hence we can ingore it.
2023-11-30 17:49:55 +01:00
Hans-Christoph Steiner
667567abb8
safety: ignore CVEs patched in Debian
2023-10-10 09:33:51 +02:00
Hans-Christoph Steiner
17cb026d97
safety: ignore 60350, it is being handled in Debian
...
* https://security-tracker.debian.org/tracker/CVE-2023-40267
2023-09-20 10:10:15 +02:00
Hans-Christoph Steiner
98769d8405
gitlab-ci: ignore setuptools DoS error from safety
2023-02-02 15:49:20 +01:00