mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-09-14 23:12:46 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

🩹 fix bandit warning

Browse source 
F-Droid server doesn't fetch pip dependencies directly from mercurial/hg
repositories. So https://data.safetycli.com/v/62044/f17/ is not
affecting us. Hence we can ingore it.
This commit is contained in:
Michael Pöhn 2023-11-30 17:49:55 +01:00
parent 304caa4b42
commit ac2a3896aa
No known key found for this signature in database
GPG key ID: 725F386C05529A5A
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.safety-policy.yml
View file

@ -14,3 +14,6 @@ security:
60841: 60841:
reason: GitPython comes from Debian https://security-tracker.debian.org/tracker/CVE-2023-41040 reason: GitPython comes from Debian https://security-tracker.debian.org/tracker/CVE-2023-41040
expires: '2025-01-31' expires: '2025-01-31'
62044:
reason: "F-Droid doesn't fetch pip dependencies directly from hg/mercurial repositories: https://data.safetycli.com/v/62044/f17/"
expires: '2025-01-31'