ignore irrelevant pylint CVE (pylint-dev/pylint#5322)

crim-ca · Jun 10, 2022 · 9b454dd · 9b454dd
1 parent 7031fd6
commit 9b454dd
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/Makefile b/Makefile
@@ -503,8 +503,12 @@ check-security-only: check-security-code-only check-security-deps-only  ## run s
 # FIXME: safety ignore file (https://github.com/pyupio/safety/issues/351)
 # ignored codes:
 #	42194: https://github.com/kvesteri/sqlalchemy-utils/issues/166  # not fixed since 2015
-#   42498: celery<5.2.0 bumps kombu>=5.2.1 with security fixes to {redis,sqs}  # mongo is used by default in Weaver
+#	42498: celery<5.2.0 bumps kombu>=5.2.1 with security fixes to {redis,sqs}  # mongo is used by default in Weaver
 #	43738: celery<5.2.2 CVE-2021-23727: trusts the messages and metadata stored in backends
+#	45185: pylint<2.13.0: unrelated doc extension (https://github.com/PyCQA/pylint/issues/5322)
+SAFETY_IGNORE := 42194 42498 43738 45185
+SAFETY_IGNORE := $(addprefix "-i ",$(SAFETY_IGNORE))
+
 .PHONY: check-security-deps-only
 check-security-deps-only: mkdir-reports  ## run security checks on package dependencies
 	@echo "Running security checks of dependencies..."
@@ -516,9 +520,7 @@ check-security-deps-only: mkdir-reports  ## run security checks on package depen
 			-r "$(APP_ROOT)/requirements-dev.txt" \
 			-r "$(APP_ROOT)/requirements-doc.txt" \
 			-r "$(APP_ROOT)/requirements-sys.txt" \
-			-i 42194 \
-			-i 42498 \
-			-i 43738 \
+			$(SAFETY_IGNORE) \
 		1> >(tee "$(REPORTS_DIR)/check-security-deps.txt")'
 
 .PHONY: check-security-code-only