Conversation

@cx-margarita-levitm (Contributor)

By submitting this pull request, you agree to the terms within the Checkmarx Code of Conduct. Please review the contributing guidelines for guidance on creating high-quality pull requests.

Description

Add `--file-filter "!test/integration/data/manifests/"` to exclude it from the CxOne scan.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

Related Issues

Link any related issues or tickets.

Checklist

  • I have performed a self-review of my code
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in downstream modules
  • I have updated the CLI help for new/changed functionality in this PR (if applicable)
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used

Screenshots (if applicable)

Add screenshots to help explain your changes.

Additional Notes

Add any other relevant information.

cx-margarita-levitm changed the title from "remove test manifest failed from CxOne scan" to "remove test manifest failed from CxOne scan(AST-00000)" on Jan 28, 2026
cx-margarita-levitm changed the title from "remove test manifest failed from CxOne scan(AST-00000)" to "Remove test manifest failed from CxOne scan(AST-00000)" on Jan 28, 2026

github-actions bot commented Jan 28, 2026

Checkmarx One – Scan Summary & Details (scan ID 901f9d26-4acc-40a5-9da4-f0f5bb515033)

New Issues (18)

Checkmarx found the following issues in this Pull Request

| # | Severity | Issue | Source File / Package | Checkmarx Insight |
|---|----------|-------|-----------------------|-------------------|
| 1 | CRITICAL | Cx6057d4e5-4760. Description: This package was manually inspected by a security researcher and flagged as malicious. About: Classifying malicious packages is an internal proc... | Npm-coa-3.1.3 | Vulnerable Package |
| 2 | CRITICAL | Cx657a3ff1-7b92. Description: This package downloads a harmful file. File hash: `7f986cd3c946f274cdec73f80b84855a77bc2a3c765d68897fbc42835629a5d5`. About: Using a dynamic... | Npm-coa-3.1.3 | Vulnerable Package |
| 3 | CRITICAL | Cxa079aba6-fc3c. Description: This package exfiltrates stored credentials and sensitive information. About: Data exfiltration may be done in numerous ways such as through HTT... | Npm-coa-3.1.3 | Vulnerable Package |
| 4 | CRITICAL | Cxb34b508c-969f. Description: This package exfiltrates computer and operating system information. About: Data exfiltration may be done in numerous ways such as through HTTP r... | Npm-coa-3.1.3 | Vulnerable Package |
| 5 | CRITICAL | Cxb5dfb167-23a8. Description: The npm package coa had versions published with malicious code. Users of affected versions (2.0.3 and above) should downgrade to 2.0.2 as soon as p... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-coa-3.1.3 | Vulnerable Package |
| 6 | CRITICAL | Cxbd621f75-d5df. Description: This package downloads a harmful file. File hash: `ea131cc5ccf6aa6544d6cb29cdb78130feed061d2097c6903215be1499464c2e`. About: Using a dynamic... | Npm-coa-3.1.3 | Vulnerable Package |
| 7 | CRITICAL | Cxc2338b3a-b052. Description: This package downloads a harmful file. File hash: `2a3acdcd76575762b18c18c644a745125f55ce121f742d2aad962521bc7f25fd`. About: Using a dynamic... | Npm-coa-3.1.3 | Vulnerable Package |
| 8 | CRITICAL | Cxc56b90ed-4804. Description: This package executes a crypto mining software. About: Using a dynamic analysis environment (also known as a Sandbox) we can monitor filesystem ... | Npm-coa-3.1.3 | Vulnerable Package |
| 9 | HIGH | CVE-2024-43483. Recommended version: 6.0.2. Description: .NET, .NET Framework, and Visual Studio are vulnerable to Denial of Service Vulnerability. This issue affects System.IO.Packaging versions 6.0.0-pr... Attack Vector: NETWORK. Attack Complexity: LOW. | Nuget-Microsoft.Extensions.Caching.Memory-6.0.1 | Vulnerable Package |
| 10 | HIGH | Cxb3ca64d2-9cd1. Recommended version: 10.1.0. Description: The package `mocha` is vulnerable to Regular Expression Denial of Service (ReDoS). The function `clean` in `utils.js` can make the server unavailabl... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-mocha-10.0.0 | Vulnerable Package |
| 11 | HIGH | Cxdca8e59f-8bfe. Description: In NPM `inflight` there is a Memory Leak because some resources are not freed correctly after being used. It appears to affect all versions, as the... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-inflight-1.0.6 | Vulnerable Package |
| 12 | MEDIUM | CVE-2023-0842. Recommended version: 0.5.0. Description: The xml2js in versions prior to 0.5.0 allows an external attacker to edit or add new properties to an object. This is possible because the applicat... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-xml2js-0.4.23 | Vulnerable Package |
| 13 | MEDIUM | CVE-2024-11831. Recommended version: 6.0.2. Description: A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain i... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-serialize-javascript-6.0.0 | Vulnerable Package |
| 14 | MEDIUM | CVE-2024-55565. Recommended version: 3.3.8. Description: The package nanoid versions through 3.3.7 and 4.0.0 through 5.0.8 mishandle non-integer values. Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-nanoid-3.3.3 | Vulnerable Package |
| 15 | MEDIUM | CVE-2025-54798. Recommended version: 0.2.4. Description: tmp is a temporary file and directory creator for node.js. In versions prior to 0.2.4, tmp is vulnerable to an arbitrary temporary file "/" directo... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-tmp-0.0.30 | Vulnerable Package |
| 16 | MEDIUM | CVE-2025-64718. Recommended version: 4.1.1. Description: js-yaml is a JavaScript YAML parser and dumper. In js-yaml versions through 3.14.1 and 4.x through 4.1.0, it's possible for an attacker to modify t... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-js-yaml-4.1.0 | Vulnerable Package |
| 17 | LOW | CVE-2026-24001. Recommended version: 5.2.1. Description: jsdiff is a JavaScript text differencing implementation. Prior to versions 4.0.3, 5.x prior to 5.2.1 and 6.x through 8.x prior to 8.0.3, attempting... Attack Vector: NETWORK. Attack Complexity: LOW. | Npm-diff-5.0.0 | Vulnerable Package |
| 18 | LOW | Cx8bc4df28-fcf5. Recommended version: 4.4.0. Description: In NPM "debug" versions prior to 4.4.0, the "enable" function accepts a regular expression from user input without escaping it. Arbitrary regular e... Attack Vector: NETWORK. Attack Complexity: HIGH. | Npm-debug-4.3.4 | Vulnerable Package |
