Skip to content

feat(audit): add --ignore flag to filter advisories by CVE ID#32221

Merged
bartlomieju merged 4 commits intodenoland:mainfrom
bartlomieju:feat/audit-ignore-cve
Feb 18, 2026
Merged

feat(audit): add --ignore flag to filter advisories by CVE ID#32221
bartlomieju merged 4 commits intodenoland:mainfrom
bartlomieju:feat/audit-ignore-cve

Conversation

@bartlomieju
Copy link
Copy Markdown
Member

@bartlomieju bartlomieju commented Feb 18, 2026

Summary

  • Adds --ignore (aliased as --ignore-cve) flag to deno audit that accepts CVE IDs to suppress known/accepted vulnerabilities
  • Filters out matching advisories and recomputes vulnerability counts from remaining results
  • Returns exit code 0 and "No known vulnerabilities found" when all vulns are ignored

Test plan

  • cargo check -p deno passes
  • All existing audit spec tests pass
  • New spec tests in tests/specs/audit/ignore/ cover:
    • Ignoring a single CVE (remaining vulns still reported)
    • Ignoring all CVEs (clean exit)
    • Ignoring a nonexistent CVE (no effect)

🤖 Generated with Claude Code

@bartlomieju @claude
feat(audit): add --ignore flag to filter advisories by CVE ID
58736d2 
Adds `--ignore` (aliased as `--ignore-cve`) flag to `deno audit` that
accepts CVE IDs to suppress known/accepted vulnerabilities. When
specified, advisories matching the given CVEs are filtered out and
vulnerability counts are recomputed from the remaining results.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bartlomieju bartlomieju added this to the 2.7.0 milestone Feb 18, 2026
bartlomieju and others added 2 commits February 18, 2026 13:45
@bartlomieju @claude
refactor: compute vuln counts once from advisory list
9cbdf64 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bartlomieju @claude
remove --ignore-cve alias
dd1c0f1 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
marvinhagemeister
marvinhagemeister approved these changes Feb 18, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@marvinhagemeister marvinhagemeister left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@bartlomieju bartlomieju enabled auto-merge (squash) February 18, 2026 16:29
@bartlomieju bartlomieju merged commit ffc58f9 into denoland:main Feb 18, 2026
168 of 170 checks passed
@bartlomieju bartlomieju deleted the feat/audit-ignore-cve branch February 18, 2026 17:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dsherret dsherret Awaiting requested review from dsherret

@littledivy littledivy Awaiting requested review from littledivy

1 more reviewer

@marvinhagemeister marvinhagemeister marvinhagemeister approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

2.7.0

Development

Successfully merging this pull request may close these issues.

2 participants

@bartlomieju @marvinhagemeister