Closed wesley-dean-gsa closed 2 weeks ago
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
✅ ACTION | actionlint | 4 | 0 | 0.06s | |
⚠️ CSS | scss-lint | 2 | 1 | 2.23s | |
✅ JAVASCRIPT | prettier | 6 | 0 | 0 | 1.11s |
✅ JSON | jsonlint | 7 | 0 | 0.19s | |
✅ JSON | npm-package-json-lint | yes | no | 0.39s | |
✅ JSON | prettier | 7 | 0 | 0 | 1.57s |
✅ JSON | v8r | 7 | 0 | 11.54s | |
✅ MARKDOWN | markdownlint | 20 | 0 | 0 | 2.09s |
✅ MARKDOWN | markdown-link-check | 20 | 0 | 52.63s | |
✅ MARKDOWN | markdown-table-formatter | 20 | 0 | 0 | 0.33s |
✅ REPOSITORY | checkov | yes | no | 13.24s | |
✅ REPOSITORY | gitleaks | yes | no | 0.14s | |
✅ REPOSITORY | git_diff | yes | no | 0.2s | |
⚠️ REPOSITORY | grype | yes | 3 | 12.37s | |
✅ REPOSITORY | secretlint | yes | no | 2.45s | |
⚠️ REPOSITORY | trivy | yes | 1 | 6.73s | |
✅ REPOSITORY | trivy-sbom | yes | no | 1.46s | |
✅ REPOSITORY | trufflehog | yes | no | 3.13s | |
⚠️ SPELL | cspell | 20 | 1 | 2.68s | |
✅ YAML | prettier | 14 | 0 | 0 | 1.31s |
✅ YAML | v8r | 11 | 0 | 15.05s | |
✅ YAML | yamllint | 14 | 0 | 0.44s |
See detailed report in MegaLinter reports
For over 50 years, GSA has been...
• Error: Duplicate id attribute value "svg-bedding" found on the web page. ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77 ├── #svg-bedding └──For over 50 years, GSA has been...
• Error: Duplicate id attribute value "svg-bedding" found on the web page. ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77 ├── #svg-bedding └──We have opted not to enable script integrity hashes at this time. Accepting this poses minimal risk given that of the three libraries being imported, two are TTS-supported (DAP and Search). The decision will be further documented in an ADR.
see #178
Changes proposed in this pull request
This addresses several of the issues SonarQube identified as security hotspots. The most significant changes are that several of our scripts now have hashes presented in the
<script />
tags and, should the deployed scripts change, our stuff may break which will require us to rehash and update our scripts.security considerations
These ought to help us address CWE-353.
closes #161