From 25415b9e391636452c2de6c7f737d582a7df457f Mon Sep 17 00:00:00 2001
From: Yashvanth B L <yashvanthbl137@bitgo.com>
Date: Thu, 12 Mar 2026 00:57:14 +0530
Subject: [PATCH] chore: remove serialize-javascript security exception

Ticket: CGARD-518
---
 .iyarc | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/.iyarc b/.iyarc
index a8362f7a33..0bf2fb5919 100644
--- a/.iyarc
+++ b/.iyarc
@@ -44,12 +44,6 @@ GHSA-7r86-cg39-jmmj
 # - Mitigated by controlled inputs (our own build scripts, not user-provided patterns)
 GHSA-23c5-xmqv-rm74
 
-# Excluded because:
-# - Transitive devDependency through mocha, terser-webpack-plugin, copy-webpack-plugin
-# - serialize-javascript RCE via malicious RegExp.flags and Date.prototype.toISOString()
-# - Only affects dev-time tooling, not production code
-GHSA-5c6j-r48x-rmvq
-
 # Excluded because:
 # - Transitive dependency through lerna and yeoman-generator requiring tar < 7.5.7
 # - This CVE affects tar's extraction process (hardlink path traversal in crafted archives)