From 99a1fb2f62546ba069f100181e98a6180cde80df Mon Sep 17 00:00:00 2001
From: mcollao-hc <106274486+mcollao-hc@users.noreply.github.com>
Date: Tue, 22 Nov 2022 15:19:35 -0600
Subject: [PATCH] update semgrep exludes (#18090)
---
 .github/workflows/security-scan.yml | 2 +-
 scan.hcl | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 57d3481657..5ea85bd237 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -28,7 +28,7 @@ jobs:
 repository: hashicorp/security-scanner
 token: ${{ secrets.HASHIBOT_PRODSEC_GITHUB_TOKEN }}
 path: security-scanner
- ref: e8f142fef6ca9601300072c8eddef4f79e47368a
+ ref: 2526c196a28bb367b1ac6c997ff48e9ebf06834f
 - name: Install dependencies
 shell: bash
diff --git a/scan.hcl b/scan.hcl
index 720f02c405..a116178dde 100644
--- a/scan.hcl
+++ b/scan.hcl
@@ -13,6 +13,7 @@ repository {
 use_git_ignore = true
 exclude = ["vendor"]
 config = ["tools/semgrep/ci", "p/r2c-security-audit"]
+ exclude_rule = ["generic.html-templates.security.unquoted-attribute-var.unquoted-attribute-var"]
 }
 plugin "codeql" {
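Review bot: The added `exclude_rule` line in scan.hcl switches off `generic.html-templates.security.unquoted-attribute-var.unquoted-attribute-var` for every scanned path, and neither the hunk nor the commit message records why. Judging by its name, that rule reports template variables placed in unquoted HTML attributes, an XSS-relevant pattern, so a repository-wide exclusion would also hide any true positive introduced later. I would put a comment directly above the line, for example `# excluded: known false positives in <PATH_PLACEHOLDER>; re-evaluate if HTML templates are added`, so the suppression can be audited. If the scanner configuration allows it, a path-scoped exclusion or an inline `nosemgrep` annotation on the known findings would be narrower than a global rule exclusion. The enclosing configuration block opens outside the hunk, so which scanner section this belongs to is inferred from the `config` line and the commit subject.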