From 1603c8defcd4526dc432856c5504b37a9a001799 Mon Sep 17 00:00:00 2001
From: Doug Lance <doug.lance@gmail.com>
Date: Tue, 17 Oct 2023 13:55:20 -0400
Subject: [PATCH] fix: ignores undici audit flag

---
 audit-ci.jsonc | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/audit-ci.jsonc b/audit-ci.jsonc
index 8fbdf4d996..b74559e91b 100644
--- a/audit-ci.jsonc
+++ b/audit-ci.jsonc
@@ -112,6 +112,11 @@
     // from: @arbitrum/nitro-contracts>@openzeppelin/contracts-upgradeable
     // from @arbitrum/nitro-contracts>@openzeppelin/contracts
     // We don't use ERC2771Context
-    "GHSA-g4vp-m682-qqmp"
+    "GHSA-g4vp-m682-qqmp",
+    // https://github.com/advisories/GHSA-wqq4-5wpv-mx2g
+    // Undici's cookie header not cleared on cross-origin redirect in fetch
+    // from: hardhat>undici
+    // hardhat is only used in dev
+    "GHSA-wqq4-5wpv-mx2g"
   ]
 }