Skip to content

chore: add vulnerability ignore to fix SBOM checks#1329

Merged
ozgb merged 1 commit into
mainfrom
ozgb-fix-sbom
Apr 14, 2026
Merged

chore: add vulnerability ignore to fix SBOM checks#1329
ozgb merged 1 commit into
mainfrom
ozgb-fix-sbom

Conversation

@ozgb

@ozgb ozgb commented Apr 14, 2026

Copy link
Copy Markdown
Contributor

Overview

Fixes SBOM checks by ignoring new critical vulnerability in wasmtime

We aren't affected - the vulnerability only applies when using the non-default Winch compiler; we use the default (cranelift).

More info: GHSA-xx5w-cvp6-jv83

🗹 TODO before merging

  • Ready

📌 Submission Checklist

  • Changes are backward-compatible (or flagged if breaking)
  • Pull request description explains why the change is needed
  • Self-reviewed the diff
  • I have included a change file, or skipped for this reason:
  • If the changes introduce a new feature, I have bumped the node minor version
  • Update documentation (if relevant)
  • Updated AGENTS.md if build commands, architecture, or workflows changed
  • No new todos introduced

🧪 Testing Evidence

Please describe any additional testing aside from CI:

  • Additional tests are provided (if possible)

🔱 Fork Strategy

  • Node Runtime Update
  • Node Client Update
  • Other:
  • N/A

Links

@ozgb
chore: add vulnerability ignore to fix SBOM checks
0abb76a 
Signed-off-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com>
@ozgb ozgb requested a review from a team as a code owner April 14, 2026 10:22
@ozgb ozgb enabled auto-merge April 14, 2026 10:27
@ozgb ozgb added this pull request to the merge queue Apr 14, 2026
cosmir17
cosmir17 approved these changes Apr 14, 2026
View reviewed changes

@cosmir17 cosmir17 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Unblocks SBOM checks for other PRs too.
Hi @justinfrevert, this should fix your pr CI too 🙏

Merged via the queue into main with commit b3a6959 Apr 14, 2026
34 checks passed
@ozgb ozgb deleted the ozgb-fix-sbom branch April 14, 2026 12:01
m2ux added a commit that referenced this pull request Apr 23, 2026
@m2ux
chore: add vulnerability ignore to fix SBOM checks (#1329)
c4336f1 
Signed-off-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com>
Signed-off-by: Mike Clay <mike.clay@shielded.io>
m2ux added a commit that referenced this pull request Apr 23, 2026
@m2ux
chore: add vulnerability ignore to fix SBOM checks (#1329)
31aa45f 
Signed-off-by: Oscar Bailey <79094698+ozgb@users.noreply.github.com>
Signed-off-by: Mike Clay <mike.clay@shielded.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gilescope gilescope gilescope approved these changes

@LGLO LGLO LGLO approved these changes

@cosmir17 cosmir17 cosmir17 approved these changes

Assignees

No one assigned

Labels

skip-changes-check-all

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ozgb @gilescope @LGLO @cosmir17