ignore security issues (#19662)

getsentry · Jul 1, 2020 · f7dd579 · f7dd579
1 parent b4e2599
commit f7dd579
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/bin/scan b/bin/scan
@@ -25,6 +25,14 @@ ignored=(
     # XXX: This is... unfortunately not present in safety's db right now. It is in synk though:
     # https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-450194
     # XSS in the "browsable api" drf < 3.9.1 view templates - doesn't apply to us.
+
+
+    # Pillow security issues (no py2 compatible fix)
+    # XXX(josh): Assess impact. Seems like those could hurt us during avatar upload
+    38449
+    38450
+    38451
+    38452
 )
 
 # Take additional ignores from argv.