stakewise · evgeny-stakewise · Jun 17, 2026 · Jun 15, 2026 · Jun 15, 2026 · Jun 15, 2026
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -124,7 +124,10 @@ jobs:
         run: poetry install --no-interaction --no-root
 
       - name: Export requirements
-        run: poetry export -f requirements.txt --without-hashes > audit_requirements.txt
+        # Drop git-sourced deps: pip-audit only checks PyPI and skips them anyway, and
+        # keeping them causes resolution conflicts (e.g. milagro pinned by commit here but
+        # by tag in sw-utils' metadata).
+        run: poetry export -f requirements.txt --without-hashes | grep -v "git+" > audit_requirements.txt
 
       # Run audit
       - uses: pypa/gh-action-pip-audit@3ac8fed01c7b32ab70210f182e557d4cb8c45fec # v1.0.7

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
@@ -126,6 +126,10 @@ jobs:
     runs-on: ubuntu-latest
     needs: docker-merge
     steps:
+      # Needed so the committed .trivyignore is on disk for the scanner below.
+      - name: Checkout code
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
+
       - id: commit-hash
         uses: prompt/actions-commit-hash@01d19a83c242e1851c9aa6cf9625092ecd095d09 # v2
 
@@ -138,5 +142,6 @@ jobs:
           vuln-type: "os,library"
           severity: "CRITICAL,HIGH"
           ignore-unfixed: true
+          trivyignores: ".trivyignore"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,5 @@
+# pyo3 0.16.6 via milagro_bls_binding Cargo.lock.
+# GHSA-36hh-v3qg-5jq4 (out-of-bounds read in nth/nth_back) was introduced
+# in pyo3 0.24.0; 0.16.6 predates the vulnerable code. Trivy flags it only
+# because the advisory range is "< 0.29.0" with no lower bound.
+GHSA-36hh-v3qg-5jq4