Merge branch 'main' into fix-notice-error-logic

mergify[bot] · web-flow · commit 6e2dd61c929b · 2025-12-17T02:32:59.000Z
diff --git a/.github/.trivyignore b/.github/.trivyignore
@@ -1,9 +1,15 @@
+# =============================
+# Accepted Risk Vulnerabilities
+# =============================
+
+# Accepting risk due to Python 3.8 support.
+CVE-2025-50181  # Requires misconfiguration of urllib3, which agent does not do without intervention
+CVE-2025-66418  # Malicious servers could cause high resource consumption
+CVE-2025-66471  # Malicious servers could cause high resource consumption
+
 # =======================
 # Ignored Vulnerabilities
 # =======================
 
-# Accepting risk due to Python 3.8 support.
-CVE-2025-50181
-
 # Not relevant, only affects Pyodide
 CVE-2025-50182
