From a457718350f1d83cef6f7ee27c8259b91bd8492e Mon Sep 17 00:00:00 2001
From: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
Date: Wed, 6 Mar 2024 12:38:36 -0800
Subject: [PATCH] added cve exception (#31)

Signed-off-by: Michael Wilkerson
---
 scan.hcl | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 scan.hcl

diff --git a/scan.hcl b/scan.hcl
new file mode 100644
index 0000000..f91f3a0
--- /dev/null
+++ b/scan.hcl
@@ -0,0 +1,33 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: MPL-2.0
+
+# Configuration for security scanner.
+# Run on PRs and pushes to `main` and `release/**` branches.
+# See .github/workflows/security-scan.yml for CI config.
+
+# To run manually, install scanner and then run `scan repository .`
+
+# Scan results are triaged via the GitHub Security tab for this repo.
+# See `security-scanner` docs for more information on how to add `triage` config
+# for specific results or to exclude paths.
+
+# .release/security-scan.hcl controls scanner config for release artifacts, which
+# unlike the scans configured here, will block releases in CRT.
+
+repository {
+ go_modules = true
+ npm = true
+ osv = true
+
+ secrets {
+ all = true
+ }
+
+ triage {
+ suppress {
+ vulnerabilites = [
+ "GO-2024-2611", #alias
+ ]
+ }
+ }
+}
\ No newline at end of file
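Review bot: The suppression key in the new `triage { suppress { … } }` block is spelled `vulnerabilites`; if the scanner's schema expects `vulnerabilities`, the entry is either rejected or silently ignored and GO-2024-2611 keeps surfacing, so confirm the key name against the `security-scanner` docs the file header points to before relying on this exception. The trailing `#alias` comment does not record why the finding is suppressed, which makes the exception impossible to re-evaluate later; replace it with a justification a future triager can verify, e.g. `"GO-2024-2611", # <affected module>@<version>: <why not applicable, or tracking issue>`. The file is also committed without a trailing newline, which some HCL formatters and linters flag.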