oadmin/sub2api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

chore: renew expired xlsx audit exceptions to 2026-07-06

Browse Source
This commit is contained in:
shaw
2026-04-07 17:22:17 +08:00
parent f3aa54b770
commit 08b454423b
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/audit-exceptions.yml vendored
View File

@@ -5,14 +5,14 @@ exceptions:
severity: high severity: high
reason: "Admin export only; switched to dynamic import to reduce exposure (CVE-2023-30533)" reason: "Admin export only; switched to dynamic import to reduce exposure (CVE-2023-30533)"
mitigation: "Load only on export; restrict export permissions and data scope" mitigation: "Load only on export; restrict export permissions and data scope"
expires_on: "2026-04-05" expires_on: "2026-07-06"
owner: "security@your-domain" owner: "security@your-domain"
- package: xlsx - package: xlsx
advisory: "GHSA-5pgg-2g8v-p4x9" advisory: "GHSA-5pgg-2g8v-p4x9"
severity: high severity: high
reason: "Admin export only; switched to dynamic import to reduce exposure (CVE-2024-22363)" reason: "Admin export only; switched to dynamic import to reduce exposure (CVE-2024-22363)"
mitigation: "Load only on export; restrict export permissions and data scope" mitigation: "Load only on export; restrict export permissions and data scope"
expires_on: "2026-04-05" expires_on: "2026-07-06"
owner: "security@your-domain" owner: "security@your-domain"
- package: lodash - package: lodash
advisory: "GHSA-r5fr-rjxr-66jc" advisory: "GHSA-r5fr-rjxr-66jc"