From c9e3a131215c80faca2bb3d331edf4deb51be8ed Mon Sep 17 00:00:00 2001
From: Ezio Melotti
Date: Sun, 30 Jun 2024 17:55:26 +0900
Subject: [PATCH] Ignore Jinja2 CVE warning in `safety` dep (#129)
* Ignore Jinja2 CVE warning in `safety` dep
* Specify `--ignore` twice
---
 .github/workflows/lint.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 0028aca..83d6b76 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -26,5 +26,6 @@ jobs:
 # TODO: remove setuptools installation when safety==2.4.0 is released
 python -m pip install --upgrade safety setuptools
 python -m pip install --editable .
- # Ignore CVE-2023-5752, we're not using that pip or feature
- - run: safety check --ignore 62044
+ # Ignore 62044 / CVE-2023-5752, we're not using that pip or feature
+ # Ignore 70612 / CVE-2019-8341, Jinja2 is a safety dep, not ours
+ - run: safety check --ignore 62044 --ignore 70612
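Review bot: The new `--ignore 70612` on the `safety check` step is unconditional and has no expiry, so the Jinja2 advisory stays suppressed even if this package later starts depending on Jinja2 itself, a case the comment's reasoning (a safety dep, not ours) would no longer cover. The step installs `safety` and the project into the same environment (the install commands are the context lines above; the rest of the job is outside the hunk), so the scan cannot tell whose dependency Jinja2 is. I would record the condition next to the ignore, for example `# Re-check 70612 if Jinja2 ever becomes a dependency of this package`. Alternatively, move both IDs into a `.safety-policy.yml` entry with a `reason` and an `expires` date, so the suppression is re-reviewed rather than permanent.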