Bump the npm_and_yarn group with 20 updates #8353
dependabot[bot]continuous-integration.yml
on: push
Matrix: Build
login-to-amazon-ecr
4s
Validate App Registry
1m 30s
Unit Tests
1m 46s
Linting
2m 10s
Security Audit
1m 28s
Drupal Cache Test
1m 21s
Run Jenkins CI
4s
Testing Reports
0s
Matrix: Deploy
Notify Failure
0s
Annotations
20 errors and 17 warnings
|
Run Jenkins CI
Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers
|
|
login-to-amazon-ecr
Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers
|
|
Drupal Cache Test
Process completed with exit code 1.
|
|
Security Audit
Security advisory:
Title: qs vulnerable to Prototype Pollution
Module name: qs
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>qs
Severity: high
Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
|
|
Security Audit
Security advisory:
Title: tough-cookie Prototype Pollution vulnerability
Module name: tough-cookie
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>tough-cookie
Severity: moderate
Details: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
|
|
Security Audit
Security advisory:
Title: cookie accepts cookie name, path, and domain with out of bounds characters
Module name: cookie
Dependency: express
Path: express>cookie
Severity: low
Details: https://github.com/advisories/GHSA-pxg6-pf52-xh8x
|
|
Security Audit
Security advisory:
Title: send vulnerable to template injection that can lead to XSS
Module name: send
Dependency: express
Path: express>serve-static>send
Severity: low
Details: https://github.com/advisories/GHSA-m6fv-jmcg-4jfg
|
|
Security Audit
Security advisory:
Title: Unpatched `path-to-regexp` ReDoS in 0.1.x
Module name: path-to-regexp
Dependency: express
Path: express>path-to-regexp
Severity: moderate
Details: https://github.com/advisories/GHSA-rhx6-c78j-4q9w
|
|
Security Audit
Security advisory:
Title: json-schema is vulnerable to Prototype Pollution
Module name: json-schema
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>http-signature>jsprim>json-schema
Severity: critical
Details: https://github.com/advisories/GHSA-896r-f27r-55mw
|
|
Security Audit
Security advisory:
Title: Vercel ms Inefficient Regular Expression Complexity vulnerability
Module name: ms
Dependency: metalsmith-markdownit
Path: metalsmith-markdownit>debug>ms
Severity: moderate
Details: https://github.com/advisories/GHSA-w9mr-4mfr-499f
|
|
Security Audit
Security advisory:
Title: debug Inefficient Regular Expression Complexity vulnerability
Module name: debug
Dependency: metalsmith-markdownit
Path: metalsmith-markdownit>debug
Severity: high
Details: https://github.com/advisories/GHSA-9vvw-cc9w-f27h
|
|
Security Audit
Security advisory:
Title: debug Inefficient Regular Expression Complexity vulnerability
Module name: debug
Dependency: metalsmith-permalinks
Path: metalsmith-permalinks>debug
Severity: high
Details: https://github.com/advisories/GHSA-9vvw-cc9w-f27h
|
|
Security Audit
Security advisory:
Title: Regular Expression Denial of Service in debug
Module name: debug
Dependency: metalsmith-markdownit
Path: metalsmith-markdownit>debug
Severity: low
Details: https://github.com/advisories/GHSA-gxpj-cx7g-858c
|
|
Unit Tests
❌ Failed to create checks using the provided token. (HttpError: Resource not accessible by integration)
|
|
Linting
Process completed with exit code 1.
|
|
Build (vagovprod)
Final attempt failed. Child_process exited with error code 1
|
|
Build (vagovdev)
The job was canceled because "vagovprod" failed.
|
|
Build (vagovdev)
The operation was canceled.
|
|
Build (vagovstaging)
The job was canceled because "vagovprod" failed.
|
|
Build (vagovstaging)
The operation was canceled.
|
|
Run Jenkins CI
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
login-to-amazon-ecr
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Drupal Cache Test
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Security Audit
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Validate App Registry
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Unit Tests
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Unit Tests
⚠️ This usually indicates insufficient permissions. More details: https://github.com/mikepenz/action-junit-report/issues/23
|
|
Linting
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Build (vagovprod)
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|
|
Build (vagovprod)
Attempt 1 failed. Reason: Child_process exited with error code 1
|
|
Build (vagovprod)
Attempt 2 failed. Reason: Child_process exited with error code 1
|
|
Build (vagovdev)
Attempt 1 failed. Reason: Child_process exited with error code 1
|
|
Build (vagovdev)
Attempt 2 failed. Reason: Child_process exited with error code 1
|
|
Build (vagovdev)
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|
|
Build (vagovstaging)
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|
|
Build (vagovstaging)
Attempt 1 failed. Reason: Child_process exited with error code 1
|
|
Build (vagovstaging)
Attempt 2 failed. Reason: Child_process exited with error code 1
|