Closed renovate[bot] closed 3 days ago
Internal tracking:
Checkmarx One – Scan Summary & Details – 75e17c6c-c31d-420d-8a9a-d076e56adfc7
Severity | Issue | Source File / Package | Checkmarx Insight |
---|---|---|---|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 106 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 104 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 98 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 96 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 90 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 88 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/cipher.spec.ts: 137 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/login.spec.ts: 40 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/password.spec.ts: 29 | Attack Vector | |
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/login.spec.ts: 69 | Attack Vector | |
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /jslib/node/src/services/nodeCryptoFunction.service.ts: 138 | Attack Vector | |
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /jslib/node/src/services/nodeCryptoFunction.service.ts: 178 | Attack Vector | |
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /jslib/node/src/services/nodeCryptoFunction.service.ts: 99 | Attack Vector | |
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /jslib/node/src/services/nodeCryptoFunction.service.ts: 87 | Attack Vector | |
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /jslib/node/src/services/nodeCryptoFunction.service.ts: 21 | Attack Vector |
Severity | Issue | Source File / Package |
---|---|---|
Client_Privacy_Violation | /src/app/tabs/settings.component.html: 370 | |
Client_Privacy_Violation | /src/app/tabs/settings.component.html: 229 | |
Client_Privacy_Violation | /src/app/tabs/settings.component.html: 212 | |
SSRF | /src/services/onelogin-directory.service.ts: 178 | |
Missing_CSP_Header | /jslib/node/src/cli/commands/login.command.ts: 550 |
Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.
⚠️ Warning: custom changes will be lost.
I can't find a place where this package is used.
I've been using a dependency audit tool called depcheck
, and it reports this package as being in use somewhere in the project. BUT I can't find it anywhere. Here are some notes:
open
, is a cli tool used for opening urls, files, etc. in non web-apps. open
for electron on the package READMESeeking a second opinion on this one before merging to remove the package instead of updating it.
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 0.00%. Comparing base (
46fb407
) to head (a4cf1e4
). Report is 1 commits behind head on main.
:white_check_mark: All tests successful. No failed tests found.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
This is discussed a bit above, but to be clear:
I replaced the function body this package was referenced in with a not implemented error, and removed its references in jslib. They were for opening SSO login screens from a CLI, which is not supported in DC.
This PR contains the following updates:
8.4.2
->10.0.3
Release Notes
sindresorhus/open (open)
### [`v10.0.3`](https://togithub.com/sindresorhus/open/releases/tag/v10.0.3) [Compare Source](https://togithub.com/sindresorhus/open/compare/v10.0.2...v10.0.3) - Fix `target` option on macOS ([#332](https://togithub.com/sindresorhus/open/issues/332)) [`b597dec`](https://togithub.com/sindresorhus/open/commit/b597dec) ### [`v10.0.2`](https://togithub.com/sindresorhus/open/releases/tag/v10.0.2) [Compare Source](https://togithub.com/sindresorhus/open/compare/v10.0.1...v10.0.2) - Fix Linux compatibility [`798cd93`](https://togithub.com/sindresorhus/open/commit/798cd93) ### [`v10.0.1`](https://togithub.com/sindresorhus/open/releases/tag/v10.0.1) [Compare Source](https://togithub.com/sindresorhus/open/compare/v10.0.0...v10.0.1) - Add Windows environment variable fallback for some broken systems ([#328](https://togithub.com/sindresorhus/open/issues/328)) [`8e69be4`](https://togithub.com/sindresorhus/open/commit/8e69be4) ### [`v10.0.0`](https://togithub.com/sindresorhus/open/releases/tag/v10.0.0) [Compare Source](https://togithub.com/sindresorhus/open/compare/v9.1.0...v10.0.0) ##### Breaking - Require Node.js 18 [`5628dc8`](https://togithub.com/sindresorhus/open/commit/5628dc8) ### [`v9.1.0`](https://togithub.com/sindresorhus/open/releases/tag/v9.1.0) [Compare Source](https://togithub.com/sindresorhus/open/compare/v9.0.0...v9.1.0) - Update dependencies [`46adf0b`](https://togithub.com/sindresorhus/open/commit/46adf0b) ### [`v9.0.0`](https://togithub.com/sindresorhus/open/releases/tag/v9.0.0) [Compare Source](https://togithub.com/sindresorhus/open/compare/v8.4.2...v9.0.0) ##### Breaking - Require Node.js 14 [`7f5995e`](https://togithub.com/sindresorhus/open/commit/7f5995e) - This package is now pure ESM. **Please [read this](https://gist.github.com/sindresorhus/a39789f98801d908bbc7ff3ecc99d99c).** - Please don't open issues regarding ESM / CommonJS. - `open.openApp` is now a named import: `import {openApp} from 'open'` - `open.apps` is now a named import: `import {apps} from 'open'` ##### Improvements - Add the ability to open default browser and default browser in private mode ([#294](https://togithub.com/sindresorhus/open/issues/294)) [`3b79981`](https://togithub.com/sindresorhus/open/commit/3b79981)Configuration
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
AC-2224