Cutlery/calibre
1
0
Fork 0
mirror of https://github.com/kovidgoyal/calibre.git synced 2026-05-27 17:22:34 -04:00
Code Issues Packages Projects Releases Wiki Activity

Ignore CVEs in nodejs used only for building webengine

Browse Source
This commit is contained in:
Kovid Goyal
2026-04-02 21:53:51 +05:30
parent 9e05bb1f69
commit d8a4b09b4a
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
setup/unix-ci.py
+7
View File
@@ -192,6 +192,13 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2026-3644',
'CVE-2026-4224', # expat parser unused
'CVE-2026-4519', # webbrowser() unused
# nodejs used only at build time CVEs are irrelevant
'CVE-2026-21710',
'CVE-2026-21717',
'CVE-2026-21714',
'CVE-2026-21713',
'CVE-2026-21715',
'CVE-2026-21716',
# libtiff
'CVE-2025-8851', # this is erroneously marked as fixed in the database but no release of libtiff has been made with the fix
# hyphen