search

turkdevops / portapps.github.io

🌍 Portapps website
https://portapps.io
MIT License
0 stars 1 forks source link

[Snyk] Upgrade jquery from 3.5.0 to 3.6.0 #59

Closed snyk-bot closed 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade jquery from 3.5.0 to 3.6.0.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

mistaken-pull-closer[bot] commented 3 years ago

Thanks for your submission.

It appears that you've created a pull request using one of our repository's branches. Since this is almost always a mistake, we're going to go ahead and close this. If it was intentional, please let us know what you were intending and we can see about reopening it.

Thanks again!

pull-dog[bot] commented 3 years ago

*Ruff* :dog: I wasn't able to find any Docker Compose files in your repository at any of the given paths in the pull-dog.json configuration file, or the default docker-compose.yml file :weary: Make sure the given paths are correct.

Files checked:

What is this? Pull Dog is a GitHub app that makes test environments for your pull requests using Docker, from a `docker-compose.yml` file you specify. It takes 19 seconds to set up (we counted!) and there's a free plan available. Visit our website to learn more.
Commands - `@pull-dog up` to reprovision or provision the server. - `@pull-dog down` to delete the provisioned server.
Troubleshooting Need help? Don't hesitate to file an issue in our repository **Configuration** ```json { "isLazy": false, "dockerComposeYmlFilePaths": [ "docker-compose.yml" ], "expiry": "00:00:00", "conversationMode": "singleComment" } ``` **Trace ID** 227d1820-99a1-11eb-83bc-dfd21cc66906
guardrails[bot] commented 3 years ago

:warning: We detected 10 security issues in this pull request: Mode: paranoid | Total findings: 10 | Considered vulnerability: 0

Hard-Coded Secrets (1) https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/_config.yml#L118 More info on how to fix Hard-Coded Secrets in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr). ---
Insecure Use of Dangerous Function (1) https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L7 More info on how to fix Insecure Use of Dangerous Function in [Javascript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_dangerous_function.html?utm_source=ghpr). ---
Insecure File Management (6) https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L216 https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L219 https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L222 https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L278 https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L282 https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/gulpfile.js#L285 More info on how to fix Insecure File Management in [Javascript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/Insecure_file_management.html?utm_source=ghpr). ---
Insecure Use of Regular Expressions (1) https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/src/js/main.js#L33 More info on how to fix Insecure Use of Regular Expressions in [Javascript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_regular_expressions.html?utm_source=ghpr). ---
Vulnerable Libraries (1) - [kramdown@2.3.0](https://github.com/turkdevops/portapps.github.io/blob/f9399b16ae16328980a7a4d51f9c51fc83edcb68/Gemfile.lock#L48) upgrade to `>= 2.3.1` More info on how to fix Vulnerable Libraries in [Ruby](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.