61 lines
1.6 KiB
JSON
61 lines
1.6 KiB
JSON
{
|
|
"version": "1.0",
|
|
"exclusions": [
|
|
{
|
|
"id": 1,
|
|
"title": "使用來自非官方來源的自訂 Action 的供應鏈風險",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 2,
|
|
"title": "Composite Action 將 shell 移到 runs 層級",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 3,
|
|
"title": "cache-nuget@v0.0.3 釘選到修補版本",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 4,
|
|
"title": "快取 NuGet 套件動作更新至 v0.0.3 後需額外更新紀錄或測試清單",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 5,
|
|
"title": "復原專案步驟依賴 cache-hit 輸出可能誤跳過 restore",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 6,
|
|
"title": "cache key 與專案檔變更的關聯應由外部 cache-nuget 動作管理",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 7,
|
|
"title": "action.yml 的流程需要自動化測試",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 8,
|
|
"title": "審查 https://gitea.jsc.idv.tw/actions/cache-nuget@v0.0.3 的來源和內容",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 9,
|
|
"title": "定期審查並更新 https://gitea.jsc.idv.tw/actions/cache-nuget 的版本",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 10,
|
|
"title": "使用來自非官方或自託管 Gitea 伺服器的外部動作存在供應鏈風險",
|
|
"reason": "列入排除問題"
|
|
},
|
|
{
|
|
"id": 11,
|
|
"title": "將 NUGET 更正為 NuGet 的命名建議",
|
|
"reason": "列入排除問題"
|
|
}
|
|
]
|
|
}
|