Ignore the devise-two-factor advisory as we have rate limits in place (#28733)

This commit is contained in:
Claire 2024-01-15 11:45:48 +01:00
parent 7a22999f92
commit 4eb98ef755

6
.bundler-audit.yml Normal file
View File

@ -0,0 +1,6 @@
---
ignore:
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227