Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v0.1.14 #234

Merged
merged 4 commits into from
May 23, 2024
Merged

Release v0.1.14 #234

merged 4 commits into from
May 23, 2024

Conversation

xopham
Copy link
Contributor

@xopham xopham commented May 23, 2024
edited
Loading

  • docs: add semgrep and sse links and dark mode
  • docs: add non-latest version announcement
  • docs: fix dark mode diagram
  • update: semgr8s v0.1.14

github-advanced-security[bot]
github-advanced-security bot found potential problems May 23, 2024
View reviewed changes
docs/overrides/main.html

{% block outdated %}
You're not viewing the docs of the latest version.
<a href="{{ '../' ~ base_url }}"><strong>Click here to go to the latest version.</strong></a>

Check warning

Code scanning / Semgrep OSS

Semgrep Finding: javascript.express.security.audit.xss.mustache.var-in-href.var-in-href Warning documentation

Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. If using a relative URL, start with a literal forward slash and concatenate the URL, like this: href='/{link}'. You may also consider setting the Content Security Policy (CSP) header.
docs/overrides/main.html

{% block outdated %}
You're not viewing the docs of the latest version.
<a href="{{ '../' ~ base_url }}"><strong>Click here to go to the latest version.</strong></a>

Check warning

Code scanning / Semgrep OSS

Semgrep Finding: python.django.security.audit.xss.template-href-var.template-href-var Warning documentation

Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use the 'url' template tag to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.
docs/overrides/main.html

{% block outdated %}
You're not viewing the docs of the latest version.
<a href="{{ '../' ~ base_url }}"><strong>Click here to go to the latest version.</strong></a>

Check warning

Code scanning / Semgrep OSS

Semgrep Finding: python.flask.security.xss.audit.template-href-var.template-href-var Warning documentation

Detected a template variable used in an anchor tag with the 'href' attribute. This allows a malicious actor to input the 'javascript:' URI and is subject to cross- site scripting (XSS) attacks. Use 'url_for()' to safely generate a URL. You may also consider setting the Content Security Policy (CSP) header.
@github-actions GitHub Actions
Copy link

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 296f8f1.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails

Scanned Manifest Files

@github-actions GitHub Actions
Copy link

Coverage

Coverage Report
FileStmtsMissCoverMissing
semgr8s
   __main__.py16160%5–29
   app.py78396%116, 175–176
   k8s_api.py22291%43–44
   updater.py29293%49–50
TOTAL1972388% 

Tests Skipped Failures Errors Time
18 0 💤 0 ❌ 0 🔥 2.195s ⏱️

@xopham xopham merged commit 296f8f1 into main May 23, 2024
78 of 80 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@xopham