From 3d77a5ec08a7fa5290c687fd0e027d39ec896c9f Mon Sep 17 00:00:00 2001
From: Xiyuan Chen <52963600+GareArc@users.noreply.github.com>
Date: Sun, 8 Mar 2026 17:07:17 -0700
Subject: [PATCH] Update api/services/feature_service.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 api/services/feature_service.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/services/feature_service.py b/api/services/feature_service.py
index a53ac9d980..f38e1762d1 100644
--- a/api/services/feature_service.py
+++ b/api/services/feature_service.py
@@ -382,7 +382,7 @@ class FeatureService:
         # SECURITY NOTE: Only license *status* is exposed to unauthenticated callers
         # so the login page can detect an expired/inactive license after force-logout.
         # All other license details (expiry date, workspace usage) remain auth-gated.
-        # See CVE-2025-63387 for prior information-leakage context.
+        # This behavior reflects prior internal review of information-leakage risks.
         if license_info := enterprise_info.get("License"):
             features.license.status = LicenseStatus(license_info.get("status", LicenseStatus.INACTIVE))