From 071272cc2613ace1630fdaba1cf4a3a36f737b85 Mon Sep 17 00:00:00 2001
From: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
Date: Tue, 17 Dec 2024 19:56:52 +0000
Subject: [PATCH] backport of commit a4ac2025f4ac10b051ce99078fc01e8407d1c37a

---
 .release/security-scan.hcl | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index 0e192490d80..c82d9b69a4e 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -23,4 +23,14 @@ binary {
     all               = true
     skip_path_strings = ["/website/content/"]
   }
+
+  # Triage items that are _safe_ to ignore here. Note that this list should be
+  # periodically cleaned up to remove items that are no longer found by the scanner.
+  triage {
+    suppress {
+      vulnerabilities = [
+        "GO-2022-0635", // github.com/aws/aws-sdk-go@v1.55.5 TODO(dduzgun-security): remove when deps is resolved
+      ]
+    }
+  }
 }