CERBERUS/kitty
1
0
Fork 0
mirror of https://github.com/kovidgoyal/kitty.git synced 2026-05-13 08:26:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Ignore dependency CVEs against unreleased versions of deps

Browse source
This commit is contained in:
Kovid Goyal 2026-03-20 10:45:08 +05:30
parent 81c3fa71a0
commit c57305addc
No known key found for this signature in database
GPG key ID: 06BC317B515ACE7C
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/workflows/ci.py vendored
View file

@ -225,8 +225,11 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2025-12781',
'CVE-2025-11468',
'CVE-2026-2297',
'CVE-2026-3644',
'CVE-2026-4224',
# github.com/nwaples/rardecode/v2
'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable
'CVE-2026-2673', # openssl fix not released
]