AEA-5986 Add minimatch vulnerability to trivy ignore.

originalphil · originalphil · commit fe9c4b7eeb5f · 2026-03-04T14:24:15.000Z
diff --git a/.trivyignore.yaml b/.trivyignore.yaml
@@ -16,6 +16,12 @@ vulnerabilities:
   - id: CVE-2026-26996
     statement: minimatch vulnerability accepted as risk
     expired_at: 2026-06-01
+  - id: CVE-2026-27903
+    statement: minimatch vulnerability accepted as risk - dependency of npm (multiple)
+    expired_at: 2026-06-01
+  - id: CVE-2026-27904
+    statement: minimatch vulnerability accepted as risk - dependency of npm (multiple)
+    expired_at: 2026-06-01
   - id: CVE-2026-26960
     statement: tar vulnerability accepted as risk
     expired_at: 2026-06-01
