odkr
/
sievemgr


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172
							version: '3.0'

scanning-settings:
  max-depth: 6
  exclude: []

report:
  dependency-vulnerabilities:
    enabled: true
    auto-ignore-in-report:
      python:
        environment-results: false
        unpinned-requirements: false
      vulnerabilities:
        67136:
          reason: Affects documentation toolchain only
          expires: '2026-03-01'
        67599:
          reason: Does not affect SieveManager as such
          expires: '2026-03-01'
        67895:
          reason: Work-around in place
          expires: '2026-03-01'
        70612:
          reason: Affects documentation toolchain only
          expires: '2026-03-01'
        71064:
          reason: Affects documentation toolchain only
          expires: '2026-03-01'
        71591:
          reason: Affects documentation toolchain only
          expires: '2026-03-01'
        71608:
          reason: Affects documentation toolchain and linters only
          expires: '2026-03-01'
        71636:
          reason: Affects the safety tool, not SieveManager
          expires: '2026-03-01'
        71681:
          reason: Not documented upstream
          expires: '2026-03-01'
        71684:
          reason: Not documented upstream
          expires: '2026-03-01'
        72236:
          reason: Affects setuptools, not SieveManager
          expires: '2026-03-01'
        72083:
          reason: Affects Sphinx, not SieveManager
          expires: '2026-03-01'

fail-scan-with-exit-code:
  dependency-vulnerabilities:
    enabled: true
    fail-on-any-of:
      cvss-severity:
        - high
        - critical
        - medium
        - low
      exploitability:
        - high
        - critical
        - medium
        - low

security-updates:
  dependency-vulnerabilities:
    auto-security-updates-limit:
      - patch