From f9df013dd1a974fc986a5646a9888d182dfbae99 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Lo=C3=AFc=20Houpert?= <10154151+lhoupert@users.noreply.github.com>
Date: Mon, 30 Mar 2026 11:36:20 +0100
Subject: [PATCH] ci: add osv-scanner exception for integration tests
---
integration-tests/cases/01-requirements-flat/osv-scanner.toml | 3 +++
.../cases/02-requirements-src-bandit/osv-scanner.toml | 3 +++
.../cases/03-requirements-multi-both/osv-scanner.toml | 3 +++
integration-tests/cases/04-uv-flat/osv-scanner.toml | 3 +++
integration-tests/cases/05-uv-src-vuln/osv-scanner.toml | 3 +++
integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml | 3 +++
integration-tests/cases/07-poetry-flat/osv-scanner.toml | 3 +++
integration-tests/cases/08-poetry-src-both/osv-scanner.toml | 3 +++
integration-tests/cases/09-pipenv-flat/osv-scanner.toml | 3 +++
.../cases/10-pipenv-multi-bandit/osv-scanner.toml | 3 +++
integration-tests/cases/11-requirements-root/osv-scanner.toml | 3 +++
.../cases/12-uv-flat-bandit-only/osv-scanner.toml | 3 +++
.../cases/13-requirements-unfixable/osv-scanner.toml | 3 +++
integration-tests/cases/14-uv-low-threshold/osv-scanner.toml | 3 +++
14 files changed, 42 insertions(+)
create mode 100644 integration-tests/cases/01-requirements-flat/osv-scanner.toml
create mode 100644 integration-tests/cases/02-requirements-src-bandit/osv-scanner.toml
create mode 100644 integration-tests/cases/03-requirements-multi-both/osv-scanner.toml
create mode 100644 integration-tests/cases/04-uv-flat/osv-scanner.toml
create mode 100644 integration-tests/cases/05-uv-src-vuln/osv-scanner.toml
create mode 100644 integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml
create mode 100644 integration-tests/cases/07-poetry-flat/osv-scanner.toml
create mode 100644 integration-tests/cases/08-poetry-src-both/osv-scanner.toml
create mode 100644 integration-tests/cases/09-pipenv-flat/osv-scanner.toml
create mode 100644 integration-tests/cases/10-pipenv-multi-bandit/osv-scanner.toml
create mode 100644 integration-tests/cases/11-requirements-root/osv-scanner.toml
create mode 100644 integration-tests/cases/12-uv-flat-bandit-only/osv-scanner.toml
create mode 100644 integration-tests/cases/13-requirements-unfixable/osv-scanner.toml
create mode 100644 integration-tests/cases/14-uv-low-threshold/osv-scanner.toml
diff --git a/integration-tests/cases/01-requirements-flat/osv-scanner.toml b/integration-tests/cases/01-requirements-flat/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/01-requirements-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/02-requirements-src-bandit/osv-scanner.toml b/integration-tests/cases/02-requirements-src-bandit/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/02-requirements-src-bandit/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/03-requirements-multi-both/osv-scanner.toml b/integration-tests/cases/03-requirements-multi-both/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/03-requirements-multi-both/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/04-uv-flat/osv-scanner.toml b/integration-tests/cases/04-uv-flat/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/04-uv-flat/osv-scanner.toml
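Review bot: The `[[PackageOverrides]]` entry added in integration-tests/cases/01-requirements-flat/osv-scanner.toml (and its thirteen byte-identical copies, all blob 66a91c1) sets `ignore = true` without a `name`, `ecosystem` or `version` key, and as far as I recall osv-scanner treats unset match fields as wildcards, so the entry suppresses every package finding under that directory rather than only the vulnerable Python pins the reason string describes. Because the fixtures exist to exercise pip-audit, the suppression could be narrowed without changing its effect on the current fixtures by adding `ecosystem = "PyPI"` to the entry, so that any non-Python manifest later dropped into a case directory would still be scanned. A blanket ignore is also the first thing a reader of the scan report will question, so the reason string could state the scope explicitly, e.g. `reason = "Synthetic fixture for python-security-auditing integration tests; every PyPI finding in this directory is intentionally suppressed because the vulnerable pins exercise pip-audit and the composite action."`. The entry carries no `effectiveUntil`, which is presumably deliberate for permanent fixtures; if so, saying that in the reason stops a future reviewer from treating it as an overdue suppression.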
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/05-uv-src-vuln/osv-scanner.toml b/integration-tests/cases/05-uv-src-vuln/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/05-uv-src-vuln/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml b/integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/06-uv-multi-bandit/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/07-poetry-flat/osv-scanner.toml b/integration-tests/cases/07-poetry-flat/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/07-poetry-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/08-poetry-src-both/osv-scanner.toml b/integration-tests/cases/08-poetry-src-both/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/08-poetry-src-both/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/09-pipenv-flat/osv-scanner.toml b/integration-tests/cases/09-pipenv-flat/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/09-pipenv-flat/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/10-pipenv-multi-bandit/osv-scanner.toml b/integration-tests/cases/10-pipenv-multi-bandit/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/10-pipenv-multi-bandit/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/11-requirements-root/osv-scanner.toml b/integration-tests/cases/11-requirements-root/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/11-requirements-root/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/12-uv-flat-bandit-only/osv-scanner.toml b/integration-tests/cases/12-uv-flat-bandit-only/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/12-uv-flat-bandit-only/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/13-requirements-unfixable/osv-scanner.toml b/integration-tests/cases/13-requirements-unfixable/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/13-requirements-unfixable/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
diff --git a/integration-tests/cases/14-uv-low-threshold/osv-scanner.toml b/integration-tests/cases/14-uv-low-threshold/osv-scanner.toml
new file mode 100644
index 0000000..66a91c1
--- /dev/null
+++ b/integration-tests/cases/14-uv-low-threshold/osv-scanner.toml
@@ -0,0 +1,3 @@
+[[PackageOverrides]]
+ignore = true
+reason = "Synthetic fixture for python-security-auditing integration tests; vulnerable pins are intentional to exercise pip-audit and the composite action."
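Review bot: The file for integration-tests/cases/14-uv-low-threshold is the fourteenth byte-identical copy of the same three-line override in this patch, and nothing ties the copies together: a case directory added later without its own osv-scanner.toml will start failing the scan (fail-closed, which is the right direction), while a tightening applied to one copy will silently diverge from the other thirteen. If the integration-test harness already materialises the case directories, writing this file from a single template there — or at least documenting wherever new cases are described that every case directory must carry it — keeps the entries from drifting. Whether the CI scan runs once from the repository root or once per case directory is not visible in this patch, so I cannot tell whether a single shared file passed via `--config` would be a workable alternative to the per-directory copies.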