OSV Scanner helps you find vulnerabilities in your project's open source dependencies. By default, OSV Scanner run the analyses through all supported dependency packages.
If you want to ignore specific issues, you can add
osv-scanner.toml file to your root and specify the ignored issues. For ignoring the issues, you have to specify the
id which you can find on osv.dev website by using the CVE number provided by Codeac.
Old versions of libraries can bring severe risk to your application, therefore you should update the packages regularly. If there is a known a vulnerability, Codeac covers your back and pinpoints the problem with the link for solution. Also, Codeac scores the vulnerability (0-10) to help you prioritize the dependency updates.