From 09c676c778005e16213078bfa185cb90af1cb39f Mon Sep 17 00:00:00 2001
From: Andrew Longosz
Date: Thu, 21 May 2026 11:35:31 +0200
Subject: [PATCH 1/2] [Composer Audit Ignore] Added ` twig/cssinliner-extra` advisory
Added https://packagist.org/security-advisories/PKSA-fs5b-x5k4-1h39 to the allow-list
---
 actions/composer-audit-ignore/action.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/actions/composer-audit-ignore/action.yml b/actions/composer-audit-ignore/action.yml
index 4b3701e..1063474 100644
--- a/actions/composer-audit-ignore/action.yml
+++ b/actions/composer-audit-ignore/action.yml
@@ -38,7 +38,8 @@ runs:
 PKSA-6319-ffpf-gx66 \
 PKSA-n7sg-8f52-pqtf \
 PKSA-8kk8-h2xr-h5nx \
- PKSA-2rbx-bjdx-4d4d
+ PKSA-2rbx-bjdx-4d4d \
+ PKSA-fs5b-x5k4-1h39
 do
 composer config audit.ignore --json --merge "{\"$advisory\":\"$reason\"}"
 done
From 541c222f19bffc1cf9df8f468972cf4dabfefa2c Mon Sep 17 00:00:00 2001
From: Andrew Longosz
Date: Thu, 21 May 2026 11:44:36 +0200
Subject: [PATCH 2/2] [Composer Audit Ignore] Created shared advisories list for PHP 7.4 and 8.0
---
 actions/composer-audit-ignore/action.yml | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/actions/composer-audit-ignore/action.yml b/actions/composer-audit-ignore/action.yml
index 1063474..c3003a3 100644
--- a/actions/composer-audit-ignore/action.yml
+++ b/actions/composer-audit-ignore/action.yml
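Review bot: In the `@@ -38,7 +38,8 @@` hunk of patch 1/2, `PKSA-fs5b-x5k4-1h39` joins the ignore list with nothing in the file recording which package it silences or why that is acceptable; the only link to twig/cssinliner-extra is the commit message. Since an `audit.ignore` entry keeps that advisory from failing later audit runs, I would add a comment above the loop, e.g. `# PKSA-fs5b-x5k4-1h39: twig/cssinliner-extra - https://packagist.org/security-advisories/PKSA-fs5b-x5k4-1h39`, so the entry can be re-checked and dropped once a fixed release is usable. The `for` loop and its `reason=` assignment start above this hunk, so which step the entry lands in is not visible here.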
@@ -12,15 +12,28 @@ runs:
 using: "composite"
 steps:
 - if: startsWith(inputs.php-version, '7.4.')
- name: Configure advisory ignore list for PHP 7.4
+ name: Configure PHP 7.4-only advisory ignore list
 shell: bash
 run: |
- reason="The affected version of 3rd party component is installed on PHP 7.4. There's no alternative supporting PHP 7.4. Consider upgrading to PHP 8"
+ reason="The affected version of 3rd party component is installed on PHP 7.4. There's no alternative supporting PHP 7.4. Consider upgrading to PHP 8.1+"
 for advisory in \
 PKSA-xwpn-zs9j-6wy5 \
 PKSA-sf9j-1gs7-xzvx \
- PKSA-7h5p-prw9-w5nr \
+ PKSA-7h5p-prw9-w5nr
+ do
+ composer config audit.ignore --json --merge "{\"$advisory\":\"$reason\"}"
+ done
+
+ - if: startsWith(inputs.php-version, '7.4.') || startsWith(inputs.php-version, '8.0.')
+ name: Configure shared advisory ignore list for PHP 7.4 and 8.0
+ env:
+ PHP_VERSION: ${{ inputs.php-version }}
+ shell: bash
+ run: |
+ reason="The affected version of 3rd party component is installed on PHP ${PHP_VERSION%.*}. There's no alternative supporting PHP ${PHP_VERSION%.*}. Consider upgrading to PHP 8.1+"
+
+ for advisory in \
 PKSA-5k7f-wvjj-jrgw \
 PKSA-sjvz-tbbr-vwth \
 PKSA-h8hf-ytnd-5t9q \
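Review bot: The new `reason` in the shared step embeds `${PHP_VERSION%.*}`, which comes from the `php-version` input, while the `composer config` line builds its JSON by plain string interpolation (`"{\"$advisory\":\"$reason\"}"`, as in the 7.4-only loop added above; the shared loop's own `do … done` lies below this hunk, so this assumes it is unchanged). `%.*` strips only the last dotted component, so a quote or backslash earlier in the value would reach the JSON unescaped and either break the call or write a malformed ignore entry. Passing the input through `env:` instead of expanding `${{ }}` inside `run:` is the right approach; a format check before `reason=` would cover the rest, e.g. `[[ "$PHP_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]] || { echo "unexpected php-version: $PHP_VERSION" >&2; exit 1; }`, adjusted to whatever version shape callers actually pass.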