ci: add osv-scanner exception for integration tests (#49)

lhoupert · web-flow · commit 3e63a48173c5 · 2026-03-30T12:39:02.000+02:00
diff --git a/integration-tests/cases/01-requirements-flat/osv-scanner.toml b/integration-tests/cases/01-requirements-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/02-requirements-src-bandit/osv-scanner.toml b/integration-tests/cases/02-requirements-src-bandit/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/03-requirements-multi-both/osv-scanner.toml b/integration-tests/cases/03-requirements-multi-both/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/04-uv-flat/osv-scanner.toml b/integration-tests/cases/04-uv-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/05-uv-src-vuln/osv-scanner.toml b/integration-tests/cases/05-uv-src-vuln/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml b/integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/07-poetry-flat/osv-scanner.toml b/integration-tests/cases/07-poetry-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/08-poetry-src-both/osv-scanner.toml b/integration-tests/cases/08-poetry-src-both/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/09-pipenv-flat/osv-scanner.toml b/integration-tests/cases/09-pipenv-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/10-pipenv-multi-bandit/osv-scanner.toml b/integration-tests/cases/10-pipenv-multi-bandit/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/11-requirements-root/osv-scanner.toml b/integration-tests/cases/11-requirements-root/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/12-uv-flat-bandit-only/osv-scanner.toml b/integration-tests/cases/12-uv-flat-bandit-only/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/13-requirements-unfixable/osv-scanner.toml b/integration-tests/cases/13-requirements-unfixable/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/14-uv-low-threshold/osv-scanner.toml b/integration-tests/cases/14-uv-low-threshold/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+[[PackageOverrides]]`
	`2`	`+ignore = true`
	`3`	`+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."`