Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated Clubhouse to Shortcut #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Updated Clubhouse to Shortcut #1

wants to merge 1 commit into from

Conversation

snipe
Copy link
Member

@snipe snipe commented Mar 7, 2023

Updated the name from Clubhouse to Shortcut

@guardrails
Copy link

guardrails bot commented Mar 7, 2023
edited by unfurl-links bot
Loading

⚠️ We detected 15 security issues in this pull request:

Insecure Processing of Data (1)
Docs Details
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_processing_of_data.html?utm_source=ghpr#Unescaped variable in Mustache.js/Handlebars.js template file) Title: HTML escaping disabled (Mustache/Handlebars), Severity: Medium

create-linked-shortcut-story/action.yml

Line 29 in 905bed9

default: "Shortcut story: {{{ story.app_url }}}"

More info on how to fix Insecure Processing of Data in JavaScript.

Vulnerable Libraries (14)
Severity Details
Medium pkg:npm/@actions/[email protected]@1.3.0 (t) upgrade to: 1.9.1
High pkg:npm/[email protected]@5.0.0 (t) upgrade to: 6.0.1,5.0.1,4.1.1,3.0.1
High pkg:npm/[email protected]@2.0.1 (t) - no patch available
N/A pkg:npm/[email protected]@2.6.9 (t) upgrade to: 3.1.0
High pkg:npm/[email protected]@3.0.4 (t) upgrade to: 3.0.5
High pkg:npm/[email protected]@2.4.1 (t) - no patch available
High pkg:npm/[email protected]@1.0.1 (t) upgrade to: 2.2.2
Critical pkg:npm/[email protected]@1.2.5 (t) upgrade to: 1.2.6
High pkg:npm/[email protected]@1.0.4 (t) upgrade to: 1.0.5
Low pkg:npm/[email protected]@2.6.1 (t) - no patch available
Medium pkg:npm/[email protected]@3.0.2 (t) - no patch available
Medium pkg:npm/[email protected]@2.2.0 (t) - no patch available
High pkg:npm/[email protected]@2.2.0 (t) upgrade to: 2.2.2
Medium pkg:npm/[email protected]@4.2.0 (t) - no patch available

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

This category covers the following issues:

@snipe
Copy link
Member Author

snipe commented Mar 7, 2023

@jerm this may not be necessary, as it looks like this was updated on a different fork:
singingwolfboy#31

Also having a hard time finding Jes' and Marcus' CH ids, as the method described here doesn't seem to be working anymore.

@snipe snipe requested a review from jerm March 7, 2023 19:14
@snipe
Copy link
Member Author

snipe commented Mar 7, 2023

FYI, @jerm - I have all of the members of SC's UUIDs now. I'll create a shortcut ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jerm jerm Awaiting requested review from jerm

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snipe