diff --git a/.github/workflows/ci.py b/.github/workflows/ci.py index 39b458d2c..23a8a3a41 100644 --- a/.github/workflows/ci.py +++ b/.github/workflows/ci.py @@ -237,6 +237,7 @@ IGNORED_DEPENDENCY_CVES = [ 'CVE-2026-3276', # DoS in unicodedata.normalize() 'CVE-2026-7774', # tarfile.data_filter path traversal bypass 'CVE-2026-12003', # bug in release builds irrelevant to us + 'CVE-2026-15308', # bug in stdlib html parser irrelevant to us # github.com/nwaples/rardecode/v2 'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable 'CVE-2026-2673', # openssl fix not released