Description
Currently, we explicitly exclude the org.apache.poi:poi-ooxml dependency (flagged with CVE-2025-31672) from org.technologybrewery.mash:mash-core 1.6.0. Once Mash Issue #4 is completed and a new version is released, we should upgrade to use it.
DOD
Acceptance criteria required to realize the requested feature
Test Strategy/Script
How will this feature be verified?
References/Additional Context
Dependent on Mash Issue #4
Description
Currently, we explicitly exclude the
org.apache.poi:poi-ooxmldependency (flagged with CVE-2025-31672) fromorg.technologybrewery.mash:mash-core 1.6.0. Once Mash Issue #4 is completed and a new version is released, we should upgrade to use it.DOD
Acceptance criteria required to realize the requested feature
Test Strategy/Script
How will this feature be verified?
References/Additional Context
Dependent on Mash Issue #4