Remove oxygen-deployment-1000011823.yml

[shopify]

This storefront was removed from the Hydrogen channel, so this file is no longer needed.

Merging this pull request will do the following:

• Remove oxygen-deployment-1000011823.yml from your GitHub workflow directory.

Merging this PR won’t affect other Hydrogen storefronts.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	6	0	10	✅ Passed
🟠 High Severity	14	17	25	✅ Passed
🟡 Medium Severity	29	17	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	6	0	15 / 30 days	❌ Failed
🟠 High	4	0	30 / 120 days	❌ Failed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

🔴 Critical Severity - SLA Breached Issues (with fixes)

Showing 6 issue(s) that have exceeded the 15-day SLA threshold:

1. Prototype Pollution

   • ID: SNYK-JS-IMMUTABLE-15423650
   • Package: immutable@3.7.6
   • Published: 29 days ago (SLA: 15 days)
   • CVSS Score: 9.3
   • CVE: CVE-2026-29063

2. Prototype Pollution

   • ID: SNYK-JS-IMMUTABLE-15423650
   • Package: immutable@3.7.6
   • Published: 29 days ago (SLA: 15 days)
   • CVSS Score: 9.3
   • CVE: CVE-2026-29063

3. Prototype Pollution

   • ID: SNYK-JS-IMMUTABLE-15423650
   • Package: immutable@3.7.6
   • Published: 29 days ago (SLA: 15 days)
   • CVSS Score: 9.3
   • CVE: CVE-2026-29063

4. Prototype Pollution

   • ID: SNYK-JS-IMMUTABLE-15423650
   • Package: immutable@3.7.6
   • Published: 29 days ago (SLA: 15 days)
   • CVSS Score: 9.3
   • CVE: CVE-2026-29063

5. Prototype Pollution

   • ID: SNYK-JS-IMMUTABLE-15423650
   • Package: immutable@3.7.6
   • Published: 29 days ago (SLA: 15 days)
   • CVSS Score: 9.3
   • CVE: CVE-2026-29063

6. Prototype Pollution

   • ID: SNYK-JS-IMMUTABLE-15423650
   • Package: immutable@3.7.6
   • Published: 29 days ago (SLA: 15 days)
   • CVSS Score: 9.3
   • CVE: CVE-2026-29063

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 4 issue(s) that have exceeded the 30-day SLA threshold:

1. Prototype Pollution

   • ID: SNYK-JS-AXIOS-15252993
   • Package: axios@1.13.2
   • Published: 52 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-25639

2. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15309438
   • Package: minimatch@9.0.5
   • Published: 43 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-26996

3. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15353387
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27904

4. Inefficient Algorithmic Complexity

   • ID: SNYK-JS-MINIMATCH-15353389
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27903

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 17
• Medium without fixes: 17
• Low without fixes: 0

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.