From 4baa8a530632eed66140a03a5585c48af83fe77c Mon Sep 17 00:00:00 2001
From: Alexander Druz <alexandersdruz@gmail.com>
Date: Wed, 7 Jan 2026 11:43:27 +0100
Subject: [PATCH] Ignore nbconvert vulnerability since dev dependency and not
 yet fixed

---
 .github/workflows/ci.yml | 2 +-
 Makefile                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 59cf6ae..6b8677f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -99,7 +99,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
       - name: check
         run: |
-          poetry run pip-audit
+          poetry run pip-audit --ignore-vuln GHSA-xm59-rqc7-hhvf # not yet fixed, dev dependency
 
   doctest:
     name: "🧪 Run Doctests"
diff --git a/Makefile b/Makefile
index 1add735..ad2cae6 100644
--- a/Makefile
+++ b/Makefile
@@ -31,7 +31,7 @@ typecheck: ## Typecheck source files
 
 .PHONY: audit
 audit: ## Audit project dependencies
-	poetry run pip-audit
+	poetry run pip-audit --ignore-vuln GHSA-xm59-rqc7-hhvf # not yet fixed, dev dependency
 
 .PHONY: check
 check: ## Run all checks