Kavitha| update trivy ignore list for #29415 (#965)

* Kavitha| update trivy ignore list for #29415 * update. Ruby version to 3.1 --------- Co-authored-by: Arjun-Go <[email protected]>
Bahmni · Jun 10, 2024 · 9acaf6b · 9acaf6b
1 parent ae414a8
commit 9acaf6b
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/.github/workflows/build_publish.yml b/.github/workflows/build_publish.yml
@@ -28,10 +28,10 @@ jobs:
         uses: actions/setup-node@v1
         with:
           node-version: 14.x
-      - name: Use Ruby 2.5
+      - name: Use Ruby 3.1
         uses: ruby/setup-ruby@v1
         with:
-          ruby-version: 2.5
+          ruby-version: 3.1
       - run: npm install -g bower
       - run: npm install -g grunt-cli
       - run: gem install compass

diff --git a/.github/workflows/validate_pr.yml b/.github/workflows/validate_pr.yml
@@ -13,10 +13,10 @@ jobs:
         uses: actions/setup-node@v1
         with:
           node-version: 14.x
-      - name: Use Ruby 2.5
+      - name: Use Ruby 3.1
         uses: ruby/setup-ruby@v1
         with:
-          ruby-version: 2.5
+          ruby-version: 3.1
       - run: npm install -g bower 
       - run: npm install -g grunt-cli 
       - run: gem install compass  

diff --git a/.trivyignore b/.trivyignore
@@ -67,3 +67,4 @@ CVE-2023-42282 #Installed version 2.0.0 https://avd.aquasec.com/nvd/cve-2023-422
 CVE-2024-21490 #angular: Inefficient Regular Expression Complexity https://avd.aquasec.com/nvd/cve-2024-21490
 CVE-2024-29180 #webpack-dev-middleware https://avd.aquasec.com/nvd/cve-2024-29180
 CVE-2022-37620 #html-minifier latest version 4.0.0 does not have a fix for the vulnerability kangax html-minifier REDoS vulnerability https://avd.aquasec.com/nvd/cve-2022-37620
+CVE-2024-29415 #node-ip: Incomplete fix for CVE-2023-42282 https://avd.aquasec.com/nvd/cve-2024-29415