Skip to content

Commit 2146a9e

Browse files
wildjameswildjames
authored
Chore: [AEA-0000] - Trivy ignore minimatch issues (#574)
## Summary - 🤖 Operational or Infrastructure Change ### Details A really old version of minimatch is required for AWS-CDK-lib and ts-jest.
1 parent 3137145 commit 2146a9e

2 files changed

Lines changed: 13 additions & 16 deletions

File tree

.trivyignore.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,3 +50,15 @@ vulnerabilities:
5050
- id: CVE-2026-26960
5151
statement: tar node module
5252
expired_at: 2026-06-01
53+
- id: CVE-2026-27903
54+
statement: Minimatch subdependency needed for aws-cdk-lib and jest.
55+
expired_at: 2026-06-01
56+
- id: CVE-2026-27904
57+
statement: Minimatch subdependency needed for aws-cdk-lib and jest.
58+
expired_at: 2026-06-01
59+
- id: CVE-2026-27606
60+
statement: Minimatch subdependency needed for aws-cdk-lib and jest.
61+
expired_at: 2026-06-01
62+
- id: CVE-2026-29786
63+
statement: node-tar requrired dependency, and not a relelveant attack vector
64+
expired_at: 2026-06-01

package-lock.json

Lines changed: 1 addition & 16 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)