Ignore the devise-two-factor advisory as we have rate limits in place (#28733)

This commit is contained in:
Claire 2024-01-15 11:45:48 +01:00 committed by GitHub
parent 58830be943
commit e81c5c0a51
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

6
.bundler-audit.yml Normal file
View file

@ -0,0 +1,6 @@
---
ignore:
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227