Add parse-url to audit allow list

Alxmalaga · Sep 16, 2022 · 0388e62 · 0388e62
1 parent e6257f1
commit 0388e62
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/scripts/audit-allow-list b/scripts/audit-allow-list
@@ -54,6 +54,16 @@ const AUDIT_ALLOW_LIST = [
     path: "lerna>@lerna/version>@lerna/conventional-commits>conventional-changelog-core>get-pkg-repo>meow>trim-newlines",
     advisoryUrl: "https://www.npmjs.com/advisories/1753",
     justification: "dependency of lerna (dev only); low severity"
+  },
+  {
+    path: "lerna>@lerna/version>@lerna/github-client>git-url-parse>git-up>parse-url",
+    advisoryUrl: "https://github.com/advisories/GHSA-j9fq-vwqv-2fm2",
+    justification: "dependency of lerna; moderate severity"
+  },
+  {
+    path: "lerna>@lerna/publish>@lerna/version>@lerna/github-client>git-url-parse>git-up>parse-url",
+    advisoryUrl: "https://github.com/advisories/GHSA-j9fq-vwqv-2fm2",
+    justification: "dependency of lerna; moderate severity"
   }
 ]
 
@@ -86,4 +96,4 @@ if (numVulnerabilities > 0) {
   console.log(`Found ${numVulnerabilities} unrecognized vulnerabilit${pluralized} from \`npm audit\`:`)
   console.log(JSON.stringify(remainingVulnerabilities, null, 2))
   process.exit(1)
-}
+}