From d8f9e3907c8e482db89d6e321eae8d4987ea4eba Mon Sep 17 00:00:00 2001
From: Fionna Chan <13184582+fionnachan@users.noreply.github.com>
Date: Fri, 18 Oct 2024 20:55:05 +0800
Subject: [PATCH] ci: exempt new advisory (#2002)

---
 audit-ci.jsonc | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/audit-ci.jsonc b/audit-ci.jsonc
index 52bdc29750..f5d48c759d 100644
--- a/audit-ci.jsonc
+++ b/audit-ci.jsonc
@@ -1,5 +1,13 @@
 {
   "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
   "low": true,
-  "allowlist": []
+  "allowlist": [
+    // https://github.com/advisories/GHSA-fc9h-whq2-v747
+    // Valid ECDSA signatures erroneously rejected in Elliptic
+    // Legitimate transactions or communications may be incorrectly flagged as invalid.
+    // No patched version available yet
+    // from: arb-token-bridge-ui>@unstoppabledomains/resolution>elliptic
+    // from: arb-token-bridge-ui>ethers>@ethersproject/signing-key>elliptic
+    "GHSA-fc9h-whq2-v747"
+  ]
 }