search

ah-ha-admin / refactored-memory

MIT License
1 stars 1 forks source link

Update dart-lang/setup-dart digest to d0b01d2 #452

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
dart-lang/setup-dart action digest 08de7e0 -> d0b01d2

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.

vercel[bot] commented 1 year ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
refactored-memory ❌ Failed (Inspect) Nov 1, 2024 6:30pm
refactored-memory-pif7 ❌ Failed (Inspect) Nov 1, 2024 6:30pm
commit-lint[bot] commented 1 year ago

Contributors

renovate[bot]

Commit-Lint commands
You can trigger Commit-Lint actions by commenting on this PR: - `@Commit-Lint merge patch` will merge dependabot PR on "patch" versions (X.X.Y - Y change) - `@Commit-Lint merge minor` will merge dependabot PR on "minor" versions (X.Y.Y - Y change) - `@Commit-Lint merge major` will merge dependabot PR on "major" versions (Y.Y.Y - Y change) - `@Commit-Lint merge disable` will desactivate merge dependabot PR - `@Commit-Lint review` will approve dependabot PR - `@Commit-Lint stop review` will stop approve dependabot PR
guardrails[bot] commented 1 year ago

:warning: We detected 18 security issues in this pull request:

Mode: paranoid | Total findings: 18 | Considered vulnerability: 18

Hard-Coded Secrets (16)
Severity | Details | Docs :-: | :-- | :-: Medium | Title: **Hex High Entropy String**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/##SomeNotes#L533 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString) Medium | Title: **Hex High Entropy String**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/AndroidManifest.xml#L6 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString) Medium | Title: **StackHawk API Key**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/stackhawk.yml#L1 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key) Medium | Title: **StackHawk API Key**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/stackhawk.yml#L93 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key) Medium | Title: **Github Key**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/checkmarx.yml#L41 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key) Medium | Title: **Github Key**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/soos-dast-scan.yml#L37 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/Sexflixxxvip00/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/action.yml#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/action.yml#L490 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/action.yml#L509 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/stackhawk.yml#L82 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/static.yml#L9 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **New GitHub Token Format**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) Medium | Title: **Netlify API Key**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/jekyll-pages.yml#L44 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#netlify-api-key) More info on how to fix Hard-Coded Secrets in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr). ---
Insecure Use of Dangerous Function (2)
Severity | Details | Docs :-: | :-- | :-: High | Title: **Non-static OS command execution**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/.github/workflows/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec) High | Title: **Non-static OS command execution**
https://github.com/ah-ha-admin/refactored-memory/blob/e71bda8fc33dd3c320eaede2949adb68178aabf4/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec) More info on how to fix Insecure Use of Dangerous Function in [Ruby](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

squash-labs[bot] commented 1 year ago

Manage this branch in Squash

Test this branch here: https://renovatedart-lang-setup-dart-d-moz12.squash.io