Open
Conversation
Bumps the npm_and_yarn group with 1 update in the / directory: [lodash-es](https://github.com/lodash/lodash). Updates `lodash-es` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash-es dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the npm_and_yarn group with 1 update in the / directory: [webpack](https://github.com/webpack/webpack). Updates `webpack` from 5.97.1 to 5.105.3 - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.97.1...v5.105.3) --- updated-dependencies: - dependency-name: webpack dependency-version: 5.105.3 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: KalCola <colacal43@gmail.com>
This workflow triggers APIsec scans for the project on push, pull request, or scheduled events, and uploads the results in SARIF format. Signed-off-by: KalCola <colacal43@gmail.com>
This workflow integrates EthicalCheck for automated API security testing, including steps for running tests and uploading results. Signed-off-by: KalCola <colacal43@gmail.com>
This workflow automates mobile security scanning using MobSF on pushes and pull requests to the main branch, as well as on a scheduled basis. Signed-off-by: KalCola <colacal43@gmail.com>
This workflow scans dependency manifest files for known vulnerabilities in pull requests and blocks merging if vulnerable packages are detected. Signed-off-by: KalCola <colacal43@gmail.com>
…rn-1516ec8d75 chore(deps): bump webpack from 5.97.1 to 5.105.3 in the npm_and_yarn group across 1 directory
Bumps the npm_and_yarn group with 1 update in the / directory: [qs](https://github.com/ljharb/qs). Updates `qs` from 6.13.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the npm_and_yarn group with 1 update in the / directory: [ajv](https://github.com/ajv-validator/ajv). Updates `ajv` from 6.12.6 to 6.14.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.14.0) --- updated-dependencies: - dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: KalCola <colacal43@gmail.com>
…rn-14dc0ebc5a chore(deps): bump qs from 6.13.0 to 6.14.2 in the npm_and_yarn group across 1 directory
…rn-f1bf2b0a19 chore(deps): bump ajv from 6.12.6 to 6.14.0 in the npm_and_yarn group across 1 directory
…rn-ab4d8f00f8 chore(deps): bump lodash-es from 4.17.21 to 4.17.23 in the npm_and_yarn group across 1 directory
…pdates Bumps the npm_and_yarn group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.26.7` | `7.28.6` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` | | [estree-util-value-to-estree](https://github.com/remcohaszing/estree-util-value-to-estree) | `3.3.2` | `3.5.0` | | [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.14.2` | | [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` | | [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.7` | `2.0.9` | | [image-size](https://github.com/image-size/image-size) | `1.2.0` | `1.2.1` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` | | [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.3.3` | | [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` | | [prismjs](https://github.com/PrismJS/prism) | `1.29.0` | `1.30.0` | Updates `@babel/helpers` from 7.26.7 to 7.28.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.28.6/packages/babel-helpers) Updates `brace-expansion` from 1.1.11 to 1.1.12 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) Updates `estree-util-value-to-estree` from 3.3.2 to 3.5.0 - [Release notes](https://github.com/remcohaszing/estree-util-value-to-estree/releases) - [Commits](remcohaszing/estree-util-value-to-estree@v3.3.2...v3.5.0) Updates `qs` from 6.13.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.2) Updates `js-yaml` from 3.14.1 to 3.14.2 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@3.14.1...3.14.2) Updates `http-proxy-middleware` from 2.0.7 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.7...v2.0.9) Updates `image-size` from 1.2.0 to 1.2.1 - [Release notes](https://github.com/image-size/image-size/releases) - [Commits](image-size/image-size@v1.2.0...v1.2.1) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `mdast-util-to-hast` from 13.2.0 to 13.2.1 - [Release notes](https://github.com/syntax-tree/mdast-util-to-hast/releases) - [Commits](syntax-tree/mdast-util-to-hast@13.2.0...13.2.1) Updates `node-forge` from 1.3.1 to 1.3.3 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.3) Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.2...v1.1.0) Updates `prismjs` from 1.29.0 to 1.30.0 - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/v2/CHANGELOG.md) - [Commits](PrismJS/prism@v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: "@babel/helpers" dependency-version: 7.28.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: estree-util-value-to-estree dependency-version: 3.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: image-size dependency-version: 1.2.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mdast-util-to-hast dependency-version: 13.2.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-version: 1.3.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: prismjs dependency-version: 1.30.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…rn-4ae71e3962 chore(deps): bump the npm_and_yarn group across 1 directory with 12 updates
…n permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: KalCola <colacal43@gmail.com>
This workflow sets up a CI process for Node.js applications, including installation of dependencies, building the code, and running tests across multiple Node.js versions. Signed-off-by: KalCola <colacal43@gmail.com>
Signed-off-by: KalCola <colacal43@gmail.com>
…n permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: KalCola <colacal43@gmail.com>
Signed-off-by: KalCola <colacal43@gmail.com>
…n permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: KalCola <colacal43@gmail.com>
Signed-off-by: KalCola <colacal43@gmail.com>
Signed-off-by: KalCola <colacal43@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.