Merge remote-tracking branch 'origin/main' into 2945-breadcrumbs-html… #8095
Andrew565continuous-integration.yml
on: push
Matrix: Build
login-to-amazon-ecr
5s
Validate App Registry
20s
Unit Tests
42s
Linting
1m 56s
Security Audit
22s
Drupal Cache Test
20m 43s
Run Jenkins CI
32s
Testing Reports
50s
Matrix: Deploy
Notify Failure
0s
Annotations
10 errors and 25 warnings
|
Security Audit
Security advisory:
Title: qs vulnerable to Prototype Pollution
Module name: qs
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>qs
Severity: high
Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
|
|
Security Audit
Security advisory:
Title: tough-cookie Prototype Pollution vulnerability
Module name: tough-cookie
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>tough-cookie
Severity: moderate
Details: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
|
|
Security Audit
Security advisory:
Title: qs vulnerable to Prototype Pollution
Module name: qs
Dependency: express
Path: express>qs
Severity: high
Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
|
|
Security Audit
Security advisory:
Title: send vulnerable to template injection that can lead to XSS
Module name: send
Dependency: express
Path: express>send
Severity: moderate
Details: https://github.com/advisories/GHSA-m6fv-jmcg-4jfg
|
|
Security Audit
Security advisory:
Title: serve-static vulnerable to template injection that can lead to XSS
Module name: serve-static
Dependency: express
Path: express>serve-static
Severity: moderate
Details: https://github.com/advisories/GHSA-cm22-4g7w-348p
|
|
Security Audit
Security advisory:
Title: path-to-regexp outputs backtracking regular expressions
Module name: path-to-regexp
Dependency: express
Path: express>path-to-regexp
Severity: high
Details: https://github.com/advisories/GHSA-9wv6-86v2-598j
|
|
Security Audit
Security advisory:
Title: Command Injection in moment-timezone
Module name: moment-timezone
Dependency: moment-timezone
Path: moment-timezone
Severity: low
Details: https://github.com/advisories/GHSA-56x4-j7p9-fcf9
|
|
Security Audit
Security advisory:
Title: Cleartext Transmission of Sensitive Information in moment-timezone
Module name: moment-timezone
Dependency: moment-timezone
Path: moment-timezone
Severity: moderate
Details: https://github.com/advisories/GHSA-v78c-4p63-2j6c
|
|
Security Audit
Security advisory:
Title: json-schema is vulnerable to Prototype Pollution
Module name: json-schema
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>http-signature>jsprim>json-schema
Severity: critical
Details: https://github.com/advisories/GHSA-896r-f27r-55mw
|
|
Security Audit
Security advisory:
Title: Moment.js vulnerable to Inefficient Regular Expression Complexity
Module name: moment
Dependency: moment
Path: moment
Severity: high
Details: https://github.com/advisories/GHSA-wc69-rhjr-hc9g
|
|
login-to-amazon-ecr
Your docker password is not masked. See https://github.com/aws-actions/amazon-ecr-login#docker-credentials for more information.
|
|
Validate App Registry
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Security Audit
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Run Jenkins CI
The following actions use a deprecated Node.js version and will be forced to run on node20: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef, department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb, actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Unit Tests
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd, mikepenz/action-junit-report@959aefb7f095e717eb407fe917238d61ca323ff3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Linting
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Linting:
config/webpack.config.js#L31
config/webpack.config.js:31:22:Use an object spread instead of `Object.assign` eg: `{ ...foo }`.
|
|
Linting:
script/pr-check.js#L122
script/pr-check.js:122:7:Use array destructuring.
|
|
Linting:
script/pr-check.js#L129
script/pr-check.js:129:7:Unary operator '++' used.
|
|
Linting:
script/pr-check.js#L134
script/pr-check.js:134:7:Unary operator '++' used.
|
|
Linting:
script/run-unit-test.js#L2
script/run-unit-test.js:2:35:Unexpected use of file extension "js" for "./run-unit-test-help.js"
|
|
Linting:
script/serve.js#L2
script/serve.js:2:25:`command-line-args` import should occur before import of `./utils`
|
|
Linting:
src/platform/testing/e2e/cypress/support/commands/keyboard.js#L8
src/platform/testing/e2e/cypress/support/commands/keyboard.js:8:33:Unary operator '++' used.
|
|
Linting:
src/platform/testing/unit/axe-plugin.js#L1
src/platform/testing/unit/axe-plugin.js:1:18:Unexpected unnamed function.
|
|
Linting:
src/platform/testing/unit/axe-plugin.js#L5
src/platform/testing/unit/axe-plugin.js:5:59:Unexpected unnamed function.
|
|
Linting:
src/platform/testing/unit/renameKey.unit.spec.js#L8
src/platform/testing/unit/renameKey.unit.spec.js:8:3:Cypress E2E tests must include at least one axeCheck call. Documentation for adding checks and understanding errors can be found here: https://depo-platform-documentation.scrollhelp.site/developer-docs/A11y-Testing.1935409178.html
|
|
Drupal Cache Test
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Build (vagovprod)
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd, aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef, department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Build (vagovstaging)
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd, aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef, department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Build (vagovdev)
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd, aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef, department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Cypress E2E Tests
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8, nick-invision/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd, mikepenz/action-junit-report@959aefb7f095e717eb407fe917238d61ca323ff3, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Testing Reports
The following actions use a deprecated Node.js version and will be forced to run on node20: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef, department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb, actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c, actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a, google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b, LouisBrunner/checks-action@69aaabbcf32668b60dc03b65deabfe23e92d9c41. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Testing Reports
Unexpected input(s) 'service_account_key', 'export_default_credentials', valid inputs are ['skip_install', 'version', 'project_id', 'install_components']
|
|
Testing Reports
No authentication found for gcloud, authenticate with `google-github-actions/auth`.
|
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "cypress-mochawesome-test-results".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
cypress-mochawesome-test-results
|
50.7 KB |
|