:warning: We detected 14 security issues in this pull request:
Hard-Coded Secrets (1)
Docs | Details
----- | --------
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#) | Title: **Secret Keyword**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/modules/user/config/install/user.mail.yml#L34
More info on how to fix Hard-Coded Secrets in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#).
---
Insecure Use of Regular Expressions (7)
Docs | Details
----- | --------
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/misc/position.es6.js#L30
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/misc/position.js#L13
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/scripts/js/ckeditor5-types-documentation.js#L30
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/scripts/js/vendor-update.js#L34
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/misc/position.es6.js#L38
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/misc/position.es6.js#L40
[:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#) | Title: **Regex DOS (ReDOS)**, Severity: Medium https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/misc/position.js#L18
More info on how to fix Insecure Use of Regular Expressions in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr#).
---
Vulnerable Libraries (6)
Severity | Details
----- | --------
High | [pkg:npm/json5@2.2.1@2.2.1](https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/yarn.lock#L4313) (t) upgrade to: *2.2.2*
N/A | [pkg:npm/jake@10.8.5@10.8.5](https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/yarn.lock#L4145) (t) - **no patch available**
High | [pkg:npm/minimatch@3.0.4@3.0.4](https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/yarn.lock#L4649) (t) upgrade to: *3.0.5*
Medium | [pkg:npm/jquery-form@4.3.0@4.3.0](https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/yarn.lock#L4168) (t) - **no patch available**
N/A | [pkg:npm/debug@2.6.9@2.6.9](https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/yarn.lock#L2792) (t) upgrade to: *3.1.0*
Medium | [pkg:npm/node-fetch@2.6.7@2.6.7](https://github.com/pantheon-systems/drops-8/blob/b1237259c7da85859758e7f591363a947568e676/core/yarn.lock#L4822) (t) - **no patch available**
More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).
Update from Drupal 9.1.0 to Drupal 9.5.2.
This is experimental. Do not merge.