From f935258394bb81c3b48ae287497d69415f5d6189 Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Sun, 12 Jul 2026 09:58:05 +0530 Subject: [PATCH] Ignore inapplicable CVE --- .github/workflows/ci.py | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.py b/.github/workflows/ci.py index 39b458d2c..23a8a3a41 100644 --- a/.github/workflows/ci.py +++ b/.github/workflows/ci.py @@ -237,6 +237,7 @@ IGNORED_DEPENDENCY_CVES = [ 'CVE-2026-3276', # DoS in unicodedata.normalize() 'CVE-2026-7774', # tarfile.data_filter path traversal bypass 'CVE-2026-12003', # bug in release builds irrelevant to us + 'CVE-2026-15308', # bug in stdlib html parser irrelevant to us # github.com/nwaples/rardecode/v2 'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable 'CVE-2026-2673', # openssl fix not released