chore: copy fast-xml-parser ignore from fhir api

tstephen-nhs · tstephen-nhs · commit 71c9d280e03d · 2026-02-02T17:11:55.000Z
diff --git a/.trivyignore.yaml b/.trivyignore.yaml
@@ -4,3 +4,6 @@ vulnerabilities:
       - "package-lock.json"
     statement: downstream dependency for tar - waiting for new npm release
     expired_at: 2026-06-01
+  - id: CVE-2026-25128
+    statement: fast-xml-parser vulnerability accepted as risk - dependency of aws-sdk/client-dynamodb
+    expired_at: 2026-03-01
