Ignore the devise-two-factor advisory as we have rate limits in place (#28733)

releases/v4.2.5
Claire 2024-01-15 11:45:48 +01:00
parent 7a22999f92
commit 4eb98ef755
1 changed files with 6 additions and 0 deletions

6
.bundler-audit.yml Normal file
View File

@ -0,0 +1,6 @@
---
ignore:
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227