Cutlery/calibre
1
0
Fork 0
mirror of https://github.com/kovidgoyal/calibre.git synced 2026-04-11 11:41:59 -04:00
Code Issues Packages Projects Releases Wiki Activity

Ignore CVEs in nodejs used only for building webengine

Browse Source
This commit is contained in:
Kovid Goyal 2026-04-02 21:53:51 +05:30
parent 9e05bb1f69
commit d8a4b09b4a
No known key found for this signature in database
GPG Key ID: 06BC317B515ACE7C
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
setup/unix-ci.py
View File

@ -192,6 +192,13 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2026-3644',
'CVE-2026-4224', # expat parser unused
'CVE-2026-4519', # webbrowser() unused
# nodejs used only at build time CVEs are irrelevant
'CVE-2026-21710',
'CVE-2026-21717',
'CVE-2026-21714',
'CVE-2026-21713',
'CVE-2026-21715',
'CVE-2026-21716',
# libtiff
'CVE-2025-8851', # this is erroneously marked as fixed in the database but no release of libtiff has been made with the fix
# hyphen