chore: ignore CVE-2023-42363 CVE-2023-42364 CVE-2023-42365

[akashsinghal]

Description

What this PR does / why we need it:

Ignores the CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 vulnerabilities which affect busybox. Busybox at this affected version is not functionally used by Ratify but instead exists as part of test data (sboms, vuln reports, etc).

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):

Fixes #

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Helm Chart Change (any edit/addition/update that is necessary for changes merged to the main branch)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

• Test A
• Test B

Checklist:

• Does the affected code have corresponding tests?
• Are the changes documented, not just with inline documentation, but also with conceptual documentation such as an overview of a new feature, or task-based documentation like a tutorial? Consider if this change should be announced on your project blog.
• Does this introduce breaking changes that would require an announcement or bumping the major version?
• Do all new files have appropriate license header?

Post Merge Requirements

• MAINTAINERS: manually trigger the "Publish Package" workflow after merging any PR that indicates Helm Chart Change

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.15%. Comparing base (1bd347c) to head (d44903a).
Report is 39 commits behind head on dev.

Additional details and impacted files

@@            Coverage Diff             @@
##              dev    #1498      +/-   ##
==========================================
+ Coverage   66.76%   68.15%   +1.38%     
==========================================
  Files         116      119       +3     
  Lines        6030     6139     +109     
==========================================
+ Hits         4026     4184     +158     
+ Misses       1620     1561      -59     
- Partials      384      394      +10     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[susanshi]

LGTM. thanks

[susanshi]

We should look into updating the test asset since updated version of busybox have fixed this vulnerability.