From e342f5ffab6ee615c8facfb61ce3870949b4164b Mon Sep 17 00:00:00 2001
From: Kovid Goyal
Date: Fri, 16 Jan 2026 19:13:16 +0530
Subject: [PATCH] Ignore inapplicable CVE in python stdlib
---
 .github/workflows/ci.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/ci.py b/.github/workflows/ci.py
index b60778b15..d0f0fe9f9 100644
--- a/.github/workflows/ci.py
+++ b/.github/workflows/ci.py
@@ -211,7 +211,8 @@ IGNORED_DEPENDENCY_CVES = [
 'CVE-2025-8194', # DoS in tarfile
 'CVE-2025-6069', # DoS in HTMLParser
 'CVE-2025-13836', # DoS in http client reading from malicious server
- 'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
+ 'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
+ 'CVE-2025-13837', # DoS in plistlib reading plist. We only use plistlib for writing
 # glib
 'CVE-2025-4056', # Only affects Windows, on which we dont run
 # github.com/nwaples/rardecode/v2
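Review bot: The comment on the added `'CVE-2025-13837'` entry records why the CVE is ignored but not when the entry should be revisited, so the suppression can outlive its reason: if a `plistlib.load()` or `plistlib.loads()` call is added later, nothing in this list prompts anyone to re-enable the finding. I would extend the comment to `# DoS in plistlib reading plist. We only use plistlib for writing; remove if any plistlib.load()/loads() call is added`. The neighbouring context entries `'CVE-2025-8194'` and `'CVE-2025-6069'` name the affected module but give no applicability reason at all, and would benefit from the same treatment. `IGNORED_DEPENDENCY_CVES` starts and ends outside the hunk, so how the scan consumes the list is not visible here.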