Skip to content

5.4#3872

Merged
lukeholder merged 202 commits into
5.xfrom
5.4
Jun 23, 2025
Merged

5.4#3872
lukeholder merged 202 commits into
5.xfrom
5.4

Fix bad merge

a2c53d0
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Jun 23, 2025 in 4s

4 new alerts including 2 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 2 high
  • 2 medium

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 2 in src/web/assets/commerceui/dist/js/app.js

See this annotation in the file changed.

Code scanning / CodeQL

Incomplete string escaping or encoding High

This replaces only the first occurrence of "\n".

Check warning on line 2 in src/web/assets/commerceui/dist/js/app.js

See this annotation in the file changed.

Code scanning / CodeQL

Overly permissive regular expression range Medium

Suspicious character range that is equivalent to [A-Z[]^_`a-z].

Check warning on line 2 in src/web/assets/commerceui/dist/js/app.js

See this annotation in the file changed.

Code scanning / CodeQL

Overly permissive regular expression range Medium

Suspicious character range that is equivalent to [A-Z[]^_`a-z].

Check failure on line 2 in src/web/assets/commerceui/dist/js/app.js

See this annotation in the file changed.

Code scanning / CodeQL

Insecure randomness High

This uses a cryptographically insecure random number generated at
Math.random()
in a security context.
This uses a cryptographically insecure random number generated at
Math.random()
in a security context.
This uses a cryptographically insecure random number generated at
Math.random()
in a security context.
This uses a cryptographically insecure random number generated at
Math.random()
in a security context.