From 131a66357838a36e5729ed8a9fa13ca06db53a41 Mon Sep 17 00:00:00 2001
From: Atanas Janeshliev
Date: Thu, 30 Oct 2025 14:48:40 +0100
Subject: [PATCH] chore(BRIDGE-440): supress govulnechk findings
---
 utils/govulncheck.sh | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/utils/govulncheck.sh b/utils/govulncheck.sh
index 5584ba27..33eb6741 100755
--- a/utils/govulncheck.sh
+++ b/utils/govulncheck.sh
@@ -36,6 +36,15 @@ main(){
 ignore GO-2025-3754 "BRIDGE-388 github.com/cloudflare/circl indirect import from gopenpgp; need to wait for upstream to patch"
 ignore GO-2025-3849 "BRIDGE-416 database/sql race condition leading to potential data overwrite"
 ignore GO-2025-3956 "BRIDGE-428 LookPath from os/exec may result in binaries listed in the path to be returned"
+ ignore GO-2025-4010 "BRIDGE-440 IPv6 parsing"
+ ignore GO-2025-4007 "BRIDGE-440 non-linear scaling w.r.t cert chain lenght when validating chains"
+ ignore GO-2025-4009 "BRIDGE-440 non-linear scaling w.r.t parsing PEM inputs"
+ ignore GO-2025-4015 "BRIDGE-440 Reader.ReadResponse excessive CPU usage"
+ ignore GO-2025-4008 "BRIDGE-440 ALPN negotiation failure contains attacker controlled information (not-escaped)"
+ ignore GO-2025-4012 "BRIDGE-440 potentially excessive memory usage on HTTP servers via cookies"
+ ignore GO-2025-4013 "BRIDGE-440 validating cert chains with DSA public keys may cause programs to panic"
+ ignore GO-2025-4011 "BRIDGE-440 pasing a maliciously crafted DER payloads could allocate excessive memory"
+ ignore GO-2025-4014 "BRIDGE-440 tarball extraction may read an unbounded amount of data from the archive into memory"
 has_vulns
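Review bot: The nine new `ignore` entries say what each finding is but not why it is acceptable to suppress it or when the suppression should be lifted, unlike the GO-2025-3754 entry above them, which names its removal condition. The descriptions (cert-chain validation, PEM and DER parsing, ALPN, HTTP cookies, tar extraction) read like Go standard-library findings, which would normally be cleared by building with a patched toolchain rather than by an ignore; if that is the case, say so above the group, e.g. `# BRIDGE-440: stdlib findings, drop these entries once the build toolchain is on a patched Go release`. For any entry meant to stay longer, the reason should state whether the affected code path is reachable with untrusted input in this project; `"BRIDGE-440 IPv6 parsing"` in particular gives a reader nothing to assess. `main` starts and ends outside the hunk and the definitions of `ignore` and `has_vulns` are not visible here, so how the reason string is used is inferred.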