fleet/.trivyignore

# These AWS SDK CVEs do not impact Fleet as we do not use S3 client-side crypto features

CVE-2020-8911
CVE-2020-8912
GHSA-7f33-f4f5-xwgw
GHSA-f5pg-7wfw-84q9

# Vulnerable code in trim is not used in Fleet

CVE-2020-7753

# We feel like the risk of DoS using this technique, which requires being logged in, is low probability and low impact, as such we will not update glob-parent only for this CVE

CVE-2020-28469
8241 trivy ignore file action (#8345) * Create .trivyignore Adding original trivy ignore file. Working to resolve/document more of the findings, especially around go.mod. Will add a github action as well. * Adding default trivy scan for testing * Update trivy_scan.yml Making it manual + daily for now * Update trivy_scan.yml updating name * Renamed + configured Trivy scan 2022-10-31 14:50:29 +00:00			`# These AWS SDK CVEs do not impact Fleet as we do not use S3 client-side crypto features`

			`CVE-2020-8911`
			`CVE-2020-8912`
			`GHSA-7f33-f4f5-xwgw`
			`GHSA-f5pg-7wfw-84q9`

			`# Vulnerable code in trim is not used in Fleet`

			`CVE-2020-7753`

			`# We feel like the risk of DoS using this technique, which requires being logged in, is low probability and low impact, as such we will not update glob-parent only for this CVE`

			`CVE-2020-28469`