Update qodana.yml #68
Annotations
14 errors, 30 warnings, and 4 notices
ESLint:
js/src/carousel.js#L530
ESLint: Too many blank lines at the end of file. Max of 1 allowed. (no-multiple-empty-lines)
|
ESLint:
js/src/collapse.js#L46
ESLint: Expected '===' and instead saw '=='. (eqeqeq)
|
ESLint:
js/src/modal.js#L421
ESLint: Too many blank lines at the end of file. Max of 1 allowed. (no-multiple-empty-lines)
|
ESLint:
site/static/sw.js#L11
ESLint: Parsing error: Unexpected token of
|
ESLint:
js/src/collapse.js#L46
ESLint: 'fgs' is assigned a value but never used. (no-unused-vars)
|
ESLint:
js/src/collapse.js#L46
ESLint: Expected literal to be on the right side of ==. (yoda)
|
Vulnerable declared dependency:
package.json#L127
Dependency npm:ip:1.1.5 is vulnerable , safe version 2.0.1
* [CVE-2023-42282](https://devhub.checkmarx.com/cve-details/CVE-2023-42282?utm_source=jetbrains&utm_medium=referral) 9.8 Server-Side Request Forgery (SSRF) vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
|
ESLint:
js/src/carousel.js#L530
ESLint: Too many blank lines at the end of file. Max of 1 allowed. (no-multiple-empty-lines)
|
ESLint:
js/src/collapse.js#L46
ESLint: Expected '===' and instead saw '=='. (eqeqeq)
|
ESLint:
js/src/modal.js#L421
ESLint: Too many blank lines at the end of file. Max of 1 allowed. (no-multiple-empty-lines)
|
ESLint:
site/static/sw.js#L11
ESLint: Parsing error: Unexpected token of
|
ESLint:
js/src/collapse.js#L46
ESLint: 'fgs' is assigned a value but never used. (no-unused-vars)
|
ESLint:
js/src/collapse.js#L46
ESLint: Expected literal to be on the right side of ==. (yoda)
|
Vulnerable declared dependency:
package.json#L127
Dependency npm:ip:1.1.5 is vulnerable , safe version 2.0.1
* [CVE-2023-42282](https://devhub.checkmarx.com/cve-details/CVE-2023-42282?utm_source=jetbrains&utm_medium=referral) 9.8 Server-Side Request Forgery (SSRF) vulnerability with High severity found
|
ESLint:
js/src/carousel.js#L129
ESLint: Unexpected 'fixme' comment: 'FIXME TODO use...'. (no-warning-comments)
|
ESLint:
js/src/tooltip.js#L340
ESLint: Unexpected 'todo' comment: 'todo: on v6 the following can be...'. (no-warning-comments)
|
ESLint:
js/src/dom/selector-engine.js#L52
ESLint: Unexpected 'todo' comment: 'TODO: this is now unused; remove later...'. (no-warning-comments)
|
ESLint:
js/src/button.js#L73
ESLint: Unexpected 'fixme' comment: 'FIXME TODO use...'. (no-warning-comments)
|
ESLint:
js/src/dropdown.js#L297
ESLint: Unexpected 'todo' comment: 'todo:v6 remove'. (no-warning-comments)
|
ESLint:
js/src/button.js#L56
ESLint: Unexpected 'fixme' comment: 'FIXME TODO use...'. (no-warning-comments)
|
ESLint:
js/src/tooltip.js#L334
ESLint: Unexpected 'todo' comment: 'todo: remove this check on v6'. (no-warning-comments)
|
Check JavaScript and TypeScript source code coverage:
js/src/tooltip.js#L511
Method `_hideModalHandler` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/swipe.js#L68
Method `NAME` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/focustrap.js#L57
Method `NAME` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/index.js#L169
Method `findShadowRoot` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/backdrop.js#L58
Method `NAME` coverage is below the threshold 50%
|
Vulnerable declared dependency:
package.json#L150
Dependency npm:terser:5.10.0 is vulnerable , safe version 5.14.2
* [CVE-2022-25858](https://devhub.checkmarx.com/cve-details/CVE-2022-25858?utm_source=jetbrains&utm_medium=referral) 7.5 Inefficient Regular Expression Complexity vulnerability with High severity found
|
Vulnerable declared dependency:
package.json#L108
Dependency npm:@babel/core:7.17.0 is vulnerable , safe version 7.18.6
* [Cxc7705965-e0f0](https://devhub.checkmarx.com/cve-details/Cxc7705965-e0f0?utm_source=jetbrains&utm_medium=referral) 7.5 Missing Release of Memory after Effective Lifetime vulnerability with High severity found
|
qodana
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/setup-node@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
qodana
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
ESLint:
js/src/carousel.js#L129
ESLint: Unexpected 'fixme' comment: 'FIXME TODO use...'. (no-warning-comments)
|
ESLint:
js/src/tooltip.js#L340
ESLint: Unexpected 'todo' comment: 'todo: on v6 the following can be...'. (no-warning-comments)
|
ESLint:
js/src/dom/selector-engine.js#L52
ESLint: Unexpected 'todo' comment: 'TODO: this is now unused; remove later...'. (no-warning-comments)
|
ESLint:
js/src/button.js#L73
ESLint: Unexpected 'fixme' comment: 'FIXME TODO use...'. (no-warning-comments)
|
ESLint:
js/src/dropdown.js#L297
ESLint: Unexpected 'todo' comment: 'todo:v6 remove'. (no-warning-comments)
|
ESLint:
js/src/button.js#L56
ESLint: Unexpected 'fixme' comment: 'FIXME TODO use...'. (no-warning-comments)
|
ESLint:
js/src/tooltip.js#L334
ESLint: Unexpected 'todo' comment: 'todo: remove this check on v6'. (no-warning-comments)
|
Check JavaScript and TypeScript source code coverage:
js/src/tooltip.js#L511
Method `_hideModalHandler` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/swipe.js#L68
Method `NAME` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/focustrap.js#L57
Method `NAME` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/index.js#L169
Method `findShadowRoot` coverage is below the threshold 50%
|
Check JavaScript and TypeScript source code coverage:
js/src/util/backdrop.js#L58
Method `NAME` coverage is below the threshold 50%
|
Vulnerable declared dependency:
package.json#L150
Dependency npm:terser:5.10.0 is vulnerable , safe version 5.14.2
* [CVE-2022-25858](https://devhub.checkmarx.com/cve-details/CVE-2022-25858?utm_source=jetbrains&utm_medium=referral) 7.5 Inefficient Regular Expression Complexity vulnerability with High severity found
|
Vulnerable declared dependency:
package.json#L108
Dependency npm:@babel/core:7.17.0 is vulnerable , safe version 7.18.6
* [Cxc7705965-e0f0](https://devhub.checkmarx.com/cve-details/Cxc7705965-e0f0?utm_source=jetbrains&utm_medium=referral) 7.5 Missing Release of Memory after Effective Lifetime vulnerability with High severity found
|
Vulnerable declared dependency:
package.json#L141
Dependency npm:postcss:8.4.6 is vulnerable , safe version 8.4.31
* [CVE-2023-44270](https://devhub.checkmarx.com/cve-details/CVE-2023-44270?utm_source=jetbrains&utm_medium=referral) 5.3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ("Injection") vulnerability with Medium severity found
|
Vulnerable declared dependency:
package.json#L129
Dependency npm:karma:6.3.15 is vulnerable , safe version 6.3.16
* [CVE-2021-23495](https://devhub.checkmarx.com/cve-details/CVE-2021-23495?utm_source=jetbrains&utm_medium=referral) 6.1 URL Redirection to Untrusted Site ("Open Redirect") vulnerability with Medium severity found
|
Vulnerable declared dependency:
package.json#L141
Dependency npm:postcss:8.4.6 is vulnerable , safe version 8.4.31
* [CVE-2023-44270](https://devhub.checkmarx.com/cve-details/CVE-2023-44270?utm_source=jetbrains&utm_medium=referral) 5.3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ("Injection") vulnerability with Medium severity found
|
Vulnerable declared dependency:
package.json#L129
Dependency npm:karma:6.3.15 is vulnerable , safe version 6.3.16
* [CVE-2021-23495](https://devhub.checkmarx.com/cve-details/CVE-2021-23495?utm_source=jetbrains&utm_medium=referral) 6.1 URL Redirection to Untrusted Site ("Open Redirect") vulnerability with Medium severity found
|