github.com/hashicorp/packer@v1.14.3/.release/security-scan.hcl (about)

     1  # Copyright (c) HashiCorp, Inc.
     2  # SPDX-License-Identifier: BUSL-1.1
     3  
     4  container {
        	# NOTE(review): judging by the block name, these settings apply to the scan of the
        	# container image. Dependency and secret checks are switched off for it; only
        	# alpine_secdb is enabled. Presumably the shipped binary is covered by the
        	# binary block in this file — confirm that nothing else placed in the image
        	# goes unscanned as a result.
     5  	dependencies = false
     6  	alpine_secdb = true
     7  	secrets      = false
     8  }
     9  
    10  binary {
        	# NOTE(review): judging by the block name, these settings apply to the scan of the
        	# release binary. secrets, go_modules, osv and oss_index are enabled; nvd is
        	# disabled. The file does not say why nvd is off — record the reason next to
        	# the flag so the gap in coverage is a documented decision.
    11  	secrets      = true
    12  	go_modules   = true
    13  	osv          = true
    14  	oss_index    = true
    15  	nvd          = false
    16  
    17  	# Triage items that are _safe_ to ignore here. Note that this list should be
    18  	# periodically cleaned up to remove items that are no longer found by the scanner.
    19  	triage {
    20  		suppress {
        			# Presumably every ID listed here is dropped from the scanner's findings.
        			# The single entry is tied by its trailing comment to
        			# github.com/aws/aws-sdk-go@v1.55.5, so re-check it whenever that module
        			# version changes.
        			# NOTE(review): the trailing comment names the dependency but not why the
        			# finding is safe to ignore (for example, the affected package is not
        			# imported) — add that justification and a tracking reference to the TODO.
    21  			vulnerabilities = [
    22  				"GO-2022-0635", // github.com/aws/aws-sdk-go@v1.55.5 TODO(dduzgun-security): remove when deps is resolved
    23  			]
    24  		}
    25  	}
    26  }