Skip to content

[INTERNAL] Update audit allowlist#1444

Merged
matz3 merged 1 commit into
v4from
v4-update-audit
Jul 2, 2026
Merged

[INTERNAL] Update audit allowlist#1444
matz3 merged 1 commit into
v4from
v4-update-audit

Conversation

@matz3

@matz3 matz3 commented Jul 2, 2026

Copy link
Copy Markdown
Member

- Drop js-yaml GHSA-h67p-54hq-rp68; already fixed via js-yaml update
- Add @sigstore/core GHSA-jfc7-64v2-mr8c and state not exploitable
@matz3 matz3 requested a review from a team July 2, 2026 11:29
@matz3 matz3 merged commit 695453b into v4 Jul 2, 2026
4 checks passed
@matz3 matz3 deleted the v4-update-audit branch July 2, 2026 13:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants