chinwag/chinwagsocial
chinwag/chinwagsocial
2
0
Fork 0
Code Issues Pull requests Releases 4 Wiki Activity

Ignore CVE-2024-8796, which does not impact us

Browse source
This commit is contained in:
Claire 2024-09-27 14:31:00 +02:00
parent 346c37df80
commit d2842db18d
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.bundler-audit.yml
View file

@ -4,3 +4,7 @@ ignore:
# We have rate-limits on authentication endpoints in place (including second # We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0 # factor verification) since Mastodon v3.2.0
- CVE-2024-0227 - CVE-2024-0227
# devise-two-factor advisory about generated secrets being weaker than expected
# We call `generate_otp_secret` ourselves with a requested length of 32 characters,
# which exceeds the recommended remediation of 26 characters, so we're safe
- CVE-2024-8796