scan: skip-files: - "usr/sbin/gosu" # CVE patching is far behind and out of our control. - "app/gogs/gogs" # False positives on main builds severity: - CRITICAL - HIGH vulnerability: ignore-unfixed: true type: - os - library format: "table"
