From b4196f1c5e5aa259a38e9c1a9760bbed9cf2a783 Mon Sep 17 00:00:00 2001
From: Kenneth Kehl <@kkehl@flexion.us>
Date: Thu, 26 Mar 2026 10:19:15 -0700
Subject: [PATCH] run pip-audit only on production code
---
 .ds.baseline | 6 +++---
 .github/workflows/daily_checks.yml | 3 +--
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/.ds.baseline b/.ds.baseline
index 2f882c23d..5c3d3658a 100644
--- a/.ds.baseline
+++ b/.ds.baseline
@@ -151,7 +151,7 @@
 "filename": ".github/workflows/daily_checks.yml",
 "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
 "is_verified": false,
- "line_number": 65,
+ "line_number": 64,
 "is_secret": false
 },
 {
@@ -159,7 +159,7 @@
 "filename": ".github/workflows/daily_checks.yml",
 "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
 "is_verified": false,
- "line_number": 81,
+ "line_number": 80,
 "is_secret": false
 }
 ],
@@ -374,5 +374,5 @@
 }
 ]
 },
- "generated_at": "2026-03-26T17:07:05Z"
+ "generated_at": "2026-03-26T17:19:11Z"
 }
diff --git a/.github/workflows/daily_checks.yml b/.github/workflows/daily_checks.yml
index 9c2ce9d1d..818657481 100644
--- a/.github/workflows/daily_checks.yml
+++ b/.github/workflows/daily_checks.yml
@@ -26,14 +26,13 @@ jobs:
 - uses: actions/checkout@v4
 - uses: ./.github/actions/setup-project
 - name: Create requirements.txt
- # Currently there is an unresolved vulnerability in 2.19.2 of pygments
- # which is used by pytest. Ignore dev dependencies vulnerabilities for now
 run: poetry export --only main --output requirements.txt
 - uses: pypa/gh-action-pip-audit@v1.1.0
 with:
 inputs: requirements.txt
 ignore-vulns: |
 PYSEC-2023-312
+ CVE-2026-4539
 - name: Upload pip-audit artifact
 uses: actions/upload-artifact@v4
 with:
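Review bot: The new `CVE-2026-4539` entry under `ignore-vulns` in `.github/workflows/daily_checks.yml` is an undocumented suppression, and the same hunk deletes the only comment that explained why a finding was being tolerated. The hunk does not show which package the id belongs to or why it cannot be upgraded; because the export already uses `--only main`, the ignored id presumably now concerns a production dependency, which makes the missing rationale more important. I would add a comment above the `ignore-vulns:` key (not inside the `|` block, where the line would be passed to the action as literal input), for example `# CVE-2026-4539: <package and version>, <reason it is ignored>, <tracking issue>; remove once a fixed release is pinned`, and give `PYSEC-2023-312` the same treatment. The subject line describes scoping the audit to production code, while the visible change is a suppression, so the description should say that as well.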