Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restyle [Snyk] Security upgrade debian from stretch-20210408-slim to stretch-slim #251

Open
wants to merge 1 commit into
base: snyk-fix-d1f5dd06449bb4986d5d6757581b39ad
Choose a base branch
from
Open

Restyle [Snyk] Security upgrade debian from stretch-20210408-slim to stretch-slim #251

wants to merge 1 commit into from

Conversation

restyled-io[bot]
Copy link

@restyled-io restyled-io bot commented Apr 21, 2022

Automated style fixes for #250, created by Restyled.

The following restylers made fixes:

To incorporate these changes, merge this Pull Request into the original. We
recommend using the Squash or Rebase strategies.

NOTE: As work continues on the original Pull Request, this process will
re-run and update (force-push) this Pull Request with updated style fixes as
necessary. If the style is fixed manually at any point (i.e. this process finds
no fixes to make), this Pull Request will be closed automatically.

Sorry if this was unexpected. To disable it, see our documentation.

@guardrails
Copy link

guardrails bot commented Apr 21, 2022

⚠️ We detected 921 security issues in this pull request:

Mode: paranoid | Total findings: 921 | Considered vulnerability: 921

Insecure File Management (206)
Docs Details
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/all-products.js

Line 9 in bdb0f78

const { data } = frontmatter(fs.readFileSync(homepage, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/all-products.js

Line 20 in bdb0f78

if (!fs.existsSync(dir)) return
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/all-products.js

Line 23 in bdb0f78

const { data } = frontmatter(fs.readFileSync(toc, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/built-asset-urls.js

Line 7 in bdb0f78

const buffer = fs.readFileSync(absFilePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/data-directory.js

Line 44 in bdb0f78

filename => [filename, fs.readFileSync(filename, 'utf8')]
💡 Title: Use of non-literal require, Severity: High

docs/lib/instrument-middleware.js

Line 8 in bdb0f78

const middleware = require(path.resolve(__dirname, '../middleware', relativePath))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/layouts.js

Line 14 in bdb0f78

const content = fs.readFileSync(fullPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/react/engine.js

Line 19 in bdb0f78

if (!fs.existsSync(path.join(dist, 'react'))) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/react/engine.js

Line 20 in bdb0f78

fs.mkdirSync(path.join(dist, 'react'), { recursive: true })
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/react/engine.js

Line 22 in bdb0f78

const content = transform(fs.readFileSync(file.path, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/react/engine.js

Line 23 in bdb0f78

fs.writeFileSync(path.join(dist, file.path), content)
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/readfile-async.js

Line 6 in bdb0f78

module.exports = util.promisify(fs.readFile)
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/rest/index.js

Line 6 in bdb0f78

fs.readdirSync(schemasPath)
💡 Title: Use of non-literal require, Severity: High

docs/lib/rest/index.js

Line 9 in bdb0f78

const value = require(path.join(schemasPath, filename))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/search/lunr-get-index-names.js

Line 5 in bdb0f78

return await fs.readdir(path.join(__dirname, 'indexes'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/search/lunr-search-index.js

Line 78 in bdb0f78

.then(content => fs.writeFile(
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/search/lunr-search-index.js

Line 88 in bdb0f78

.then(content => fs.writeFile(
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/search/sync.js

Line 80 in bdb0f78

fs.writeFileSync(cacheFile, JSON.stringify(index, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/search/sync.js

Line 100 in bdb0f78

fs.writeFileSync(
💡 Title: Use of non-literal fs filename, Severity: High

docs/lib/webhooks/index.js

Line 11 in bdb0f78

const versions = fs.readdirSync(staticDir)
💡 Title: Use of non-literal require, Severity: High

docs/lib/webhooks/index.js

Line 22 in bdb0f78

set(payloadsPerVersion, payloadPath, formatAsJsonCodeBlock(require(payloadFile)))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/clone-for-build.js

Line 123 in bdb0f78

if (fs.existsSync(destDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/symlink-from-local-repo.js

Line 41 in bdb0f78

dirStats = fs.statSync(earlyAccessLocalRepoDir)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/symlink-from-local-repo.js

Line 86 in bdb0f78

if (!fs.existsSync(sourceDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/symlink-from-local-repo.js

Line 92 in bdb0f78

fs.symlinkSync(sourceDir, destDir, 'junction')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/symlink-from-local-repo.js

Line 95 in bdb0f78

if (!fs.existsSync(destDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/symlink-from-local-repo.js

Line 98 in bdb0f78

if (!fs.lstatSync(destDir).isSymbolicLink()) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/symlink-from-local-repo.js

Line 101 in bdb0f78

if (!fs.statSync(destDir).isDirectory()) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 37 in bdb0f78

if (!fs.existsSync(earlyAccessContentAndDataFiles)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 51 in bdb0f78

const oldContents = fs.readFileSync(file, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 111 in bdb0f78

fs.writeFileSync(file, newContents)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 131 in bdb0f78

if (!fs.existsSync(variablePath)) return false
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 134 in bdb0f78

const variableFileContent = yaml.safeLoad(fs.readFileSync(variablePath, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 148 in bdb0f78

return fs.existsSync(`${path.posix.join(earlyAccessData, reusablePath)}.md`)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/update-data-and-image-paths.js

Line 158 in bdb0f78

return fs.existsSync(path.posix.join(earlyAccessImages, imagePath))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/archive-version.js

Line 89 in bdb0f78

await fs
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/archive-version.js

Line 115 in bdb0f78

if (!fs.existsSync(fullPathToArchivalRepo)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/archive-version.js

Line 143 in bdb0f78

fs.mkdirSync(finalDirectory, { recursive: true })
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/archive-version.js

Line 166 in bdb0f78

fs.renameSync(
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/archive-version.js

Line 200 in bdb0f78

fs.writeFileSync(path.posix.join(finalDirectory, 'redirects.json'), JSON.stringify(redirectsPerVersion, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/remove-static-files.js

Line 41 in bdb0f78

fs.readdirSync(dir)
💡 Title: Use of non-literal require, Severity: High

docs/script/enterprise-server-deprecations/remove-version-markup.js

Line 65 in bdb0f78

require(path.join(process.cwd(), removeUnusedAssetsScript))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/remove-version-markup.js

Line 73 in bdb0f78

const oldContents = fs.readFileSync(file, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-deprecations/remove-version-markup.js

Line 103 in bdb0f78

fs.writeFileSync(file, newContents)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 45 in bdb0f78

if (!fs.existsSync(newSchemaFile)) {
💡 Title: Use of non-literal require, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 55 in bdb0f78

const previews = require(previewsFile)
💡 Title: Use of non-literal require, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 56 in bdb0f78

const changes = require(changesFile)
💡 Title: Use of non-literal require, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 57 in bdb0f78

const objects = require(objectsFile)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 85 in bdb0f78

fs.writeFileSync(previewsFile, JSON.stringify(previews, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 86 in bdb0f78

fs.writeFileSync(changesFile, JSON.stringify(changes, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 87 in bdb0f78

fs.writeFileSync(objectsFile, JSON.stringify(objects, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 95 in bdb0f78

fs.readdirSync(srcDir).forEach(file => {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 102 in bdb0f78

if (!fs.existsSync(destDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-graphql-files.js

Line 107 in bdb0f78

if (!fs.readdirSync(destDir).length) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-rest-files.js

Line 50 in bdb0f78

if (!fs.existsSync(oldDereferencedFile)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-rest-files.js

Line 55 in bdb0f78

const oldDereferencedContent = fs.readFileSync(oldDereferencedFile, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-rest-files.js

Line 63 in bdb0f78

fs.writeFileSync(newDereferencedFile, newDereferenceContent)
💡 Title: Use of non-literal require, Severity: High

docs/script/enterprise-server-releases/create-rest-files.js

Line 66 in bdb0f78

const dereferencedSchema = require(path.join(process.cwd(), newDereferencedFile))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-rest-files.js

Line 75 in bdb0f78

fs.writeFileSync(newDecoratedFile, JSON.stringify(operations, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-webhook-files.js

Line 45 in bdb0f78

fs.readdirSync(srcDir).forEach(file => {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-webhook-files.js

Line 52 in bdb0f78

if (!fs.existsSync(destDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/create-webhook-files.js

Line 57 in bdb0f78

if (!fs.readdirSync(destDir).length) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js

Line 99 in bdb0f78

const dataContent = fs.readFileSync(file, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js

Line 107 in bdb0f78

fs.writeFileSync(file, newDataContent)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js

Line 113 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js

Line 136 in bdb0f78

fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/release-banner.js

Line 41 in bdb0f78

const releaseCandidateData = yaml.safeLoad(fs.readFileSync(releaseCandidateYaml, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/enterprise-server-releases/release-banner.js

Line 53 in bdb0f78

fs.writeFileSync(releaseCandidateYaml, yaml.safeDump(releaseCandidateData))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/fix-translation-errors.js

Line 94 in bdb0f78

fs.writeFileSync(localisedAbsPath, toWrite)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/get-new-dotcom-path.js

Line 30 in bdb0f78

if (fs.existsSync(categoryDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/build-changelog.js

Line 18 in bdb0f78

const previousChangelogString = fs.readFileSync(targetPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/build-changelog.js

Line 23 in bdb0f78

fs.writeFileSync(targetPath, JSON.stringify(previousChangelog, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/update-files.js

Line 74 in bdb0f78

const previousUpcomingChanges = yaml.safeLoad(fs.readFileSync(upcomingChangesPath, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/update-files.js

Line 82 in bdb0f78

const previousSchemaString = fs.readFileSync(schemaPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/update-files.js

Line 192 in bdb0f78

fs.writeFileSync(filepath, content, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/update-files.js

Line 204 in bdb0f78

fs.writeFileSync(tempSchemaFilePath, latestSchema)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/update-files.js

Line 206 in bdb0f78

fs.unlinkSync(tempSchemaFilePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/utils/prerender-input-objects.js

Line 8 in bdb0f78

const inputObjectIncludeFile = fs.readFileSync(path.join(includes, 'graphql-input-object.html'), 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/graphql/utils/prerender-objects.js

Line 8 in bdb0f78

const objectIncludeFile = fs.readFileSync(path.join(includes, 'graphql-object.html'), 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 30 in bdb0f78

assert(fs.existsSync(oldCategoryDir), `directory does not exist: ${oldCategoryDir}`)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 50 in bdb0f78

if (!fs.existsSync(productDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 67 in bdb0f78

fs.writeFileSync(productTocPath, matter.stringify(content, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 72 in bdb0f78

const tocContents = fs.readFileSync(oldProductTocPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 79 in bdb0f78

fs.writeFileSync(oldProductTocPath, matter.stringify(newContent, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 87 in bdb0f78

const articleContents = fs.readFileSync(file, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-category-to-product.js

Line 99 in bdb0f78

fs.writeFileSync(file, newContents)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-reusables-to-markdown.js

Line 28 in bdb0f78

const fileContent = fs.readFileSync(fullPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/move-reusables-to-markdown.js

Line 35 in bdb0f78

fs.writeFileSync(markdownFilename, value)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/purge-fastly-by-url.js

Line 43 in bdb0f78

if (batchFile && !fs.existsSync(batchFile)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/purge-fastly-by-url.js

Line 54 in bdb0f78

fs.readFileSync(batchFile, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 44 in bdb0f78

const contents = fs.readFileSync(categoryIndex, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 81 in bdb0f78

fs.writeFileSync(categoryIndex, frontmatter.stringify(content, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 84 in bdb0f78

for (const articleFileName of fs.readdirSync(categoryDirPath)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 101 in bdb0f78

const articleContents = fs.readFileSync(articlePath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 111 in bdb0f78

fs.writeFileSync(articlePath, frontmatter.stringify(articleContent, articleData, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 119 in bdb0f78

const productIndexContents = fs.readFileSync(productIndexPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 122 in bdb0f78

fs.writeFileSync(productIndexPath, frontmatter.stringify(revisedProductIndex, productIndexData, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-category-dirs-with-ids.js

Line 127 in bdb0f78

fs.renameSync(categoryDirPath, newPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-filenames-with-ids.js

Line 37 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(oldFullPath, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reconcile-filenames-with-ids.js

Line 77 in bdb0f78

fs.writeFileSync(newFullPath, frontmatter.stringify(content, data))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/remove-extraneous-translation-files.js

Line 21 in bdb0f78

fs.unlinkSync(file)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/remove-unused-assets.js

Line 39 in bdb0f78

: fs.unlinkSync(reusablePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/remove-unused-assets.js

Line 50 in bdb0f78

: fs.unlinkSync(imagePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-enterprise-dates.js

Line 7 in bdb0f78

const enterpriseDatesString = fs.readFileSync(enterpriseDatesFile, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-enterprise-dates.js

Line 41 in bdb0f78

fs.writeFileSync(enterpriseDatesFile, formattedDatesString)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-internal-links.js

Line 66 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-internal-links.js

Line 177 in bdb0f78

fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-readme.js

Line 43 in bdb0f78

const readmeComment = fs.readFileSync(fullPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-readme.js

Line 78 in bdb0f78

if (template === fs.readFileSync(readme, 'utf8')) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-readme.js

Line 81 in bdb0f78

fs.writeFileSync(readme, template)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-versioning-in-files.js

Line 20 in bdb0f78

const content = fs.readFileSync(file, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-versioning-in-files.js

Line 25 in bdb0f78

fs.writeFileSync(file, newContent)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-versioning-in-files.js

Line 30 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/update-versioning-in-files.js

Line 62 in bdb0f78

fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/category-pages.js

Line 47 in bdb0f78

const contents = fs.readFileSync(productIndex, 'utf8') // TODO move to async
💡 Title: Use of non-literal require, Severity: High

docs/middleware/contextualizers/graphql.js

Line 26 in bdb0f78

schemaForCurrentVersion: require(`../../lib/graphql/static/schema-${graphqlVersion}`),
💡 Title: Use of non-literal require, Severity: High

docs/middleware/contextualizers/webhooks.js

Line 3 in bdb0f78

const webhookPayloads = require(path.join(process.cwd(), 'lib/webhooks'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/backfill-missing-localizations.js

Line 30 in bdb0f78

if (!fs.existsSync(fullPath)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/backfill-missing-localizations.js

Line 34 in bdb0f78

fs.writeFileSync(fullPath, fs.readFileSync(englishFullPath))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/check-english-links.js

Line 76 in bdb0f78

fs.appendFileSync(logFile, JSON.stringify(result) + '\n')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/add-tags-to-articles.js

Line 42 in bdb0f78

const articleContents = fs.readFileSync(filePath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/add-tags-to-articles.js

Line 61 in bdb0f78

fs.writeFileSync(filePath, newContents)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/deduplicate-enterprise-assets.js

Line 40 in bdb0f78

if (fs.existsSync(existingFileToCompare)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/deduplicate-enterprise-assets.js

Line 54 in bdb0f78

const existingImageToCompare = await fs.readFileSync(existingFileToCompare)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/deduplicate-enterprise-assets.js

Line 55 in bdb0f78

const enterpriseImage = await fs.readFileSync(file)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/deduplicate-enterprise-assets.js

Line 63 in bdb0f78

if (compareResult === 0) fs.unlinkSync(file)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/move-unique-image-assets.js

Line 29 in bdb0f78

if (!fs.existsSync(existingFileToCompare)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/move-unique-image-assets.js

Line 31 in bdb0f78

if (!fs.existsSync(newDirectoryName)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/move-unique-image-assets.js

Line 32 in bdb0f78

fs.mkdirSync(newDirectoryName, { recursive: true })
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/move-unique-image-assets.js

Line 34 in bdb0f78

fs.renameSync(file, existingFileToCompare)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-html-comments-from-index-files.js

Line 12 in bdb0f78

const newContents = fs.readFileSync(file, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-html-comments-from-index-files.js

Line 14 in bdb0f78

fs.writeFileSync(file, newContents)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 27 in bdb0f78

let categoryIndexContent = fs.readFileSync(categoryIndexFile, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 55 in bdb0f78

if (!fs.existsSync(oldTopicFile)) continue
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 57 in bdb0f78

if (!fs.existsSync(newTopicDirectory)) fs.mkdirSync(newTopicDirectory)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 59 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(oldTopicFile, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 74 in bdb0f78

if (!fs.existsSync(`${oldTopicDirectory}/${article}.md`)) return
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 78 in bdb0f78

fs.renameSync(`${oldTopicDirectory}/${article}.md`, newArticlePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 81 in bdb0f78

const articleContents = frontmatter(fs.readFileSync(newArticlePath, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 85 in bdb0f78

fs.writeFileSync(newArticlePath, frontmatter.stringify(articleContents.content.trim(), articleContents.data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 89 in bdb0f78

fs.writeFileSync(`${newTopicDirectory}/index.md`, frontmatter.stringify(topicContent.trim(), data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 92 in bdb0f78

fs.writeFileSync(categoryIndexFile, categoryIndexContent)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-map-topics.js

Line 95 in bdb0f78

fs.unlinkSync(oldTopicFile)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 160 in bdb0f78

if (fs.existsSync(imagePath)) fs.unlinkSync(imagePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 165 in bdb0f78

if (fs.existsSync(imagePath)) fs.unlinkSync(imagePath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 188 in bdb0f78

fs.unlinkSync(imageFullPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 195 in bdb0f78

fs.unlinkSync(imageFullPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 202 in bdb0f78

fs.unlinkSync(imageFullPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 208 in bdb0f78

fs.unlinkSync(imageFullPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/remove-unused-assets.js

Line 223 in bdb0f78

fs.unlinkSync(path.join(process.cwd(), directoryImage))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/update-developer-site-links.js

Line 30 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/update-developer-site-links.js

Line 72 in bdb0f78

fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/update-tocs.js

Line 39 in bdb0f78

const { data, content } = frontmatter(fs.readFileSync(indexFile, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/content-migrations/update-tocs.js

Line 76 in bdb0f78

fs.writeFileSync(indexFile, frontmatter.stringify('', data, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/create-glossary-from-spreadsheet.js

Line 14 in bdb0f78

const glossary = yaml.safeLoad(fs.readFileSync(inputFile, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/create-glossary-from-spreadsheet.js

Line 28 in bdb0f78

fs.writeFileSync(
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/create-glossary-from-spreadsheet.js

Line 33 in bdb0f78

fs.writeFileSync(
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/clone-for-build.js

Line 114 in bdb0f78

if (!fs.existsSync(sourceDir)) {
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/early-access/clone-for-build.js

Line 120 in bdb0f78

fs.renameSync(sourceDir, destDir)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reset-translated-file.js

Line 34 in bdb0f78

assert(fs.existsSync(translationFilePath), `file does not exist: ${translationFilePath}`)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reset-translated-file.js

Line 38 in bdb0f78

assert(fs.existsSync(englishFile), `file does not exist: ${englishFile}`)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reset-translated-file.js

Line 41 in bdb0f78

const englishContent = fs.readFileSync(englishFile, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reset-translated-file.js

Line 42 in bdb0f78

fs.writeFileSync(translationFilePath, englishContent)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/reset-translated-file.js

Line 50 in bdb0f78

const relativePath = fs.existsSync(pathArg)
💡 Title: Use of non-literal require, Severity: High

docs/script/rest/openapi-check.js

Line 24 in bdb0f78

const schemas = files.map(filename => require(filename))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/rest/update-files.js

Line 11 in bdb0f78

const schemas = fs.readdirSync(dereferencedPath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/rest/update-files.js

Line 33 in bdb0f78

if (!fs.existsSync(githubRepoDir)) {
💡 Title: Use of non-literal require, Severity: High

docs/script/rest/update-files.js

Line 78 in bdb0f78

const schema = require(path.join(dereferencedPath, filename))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/rest/update-files.js

Line 80 in bdb0f78

fs.writeFileSync(path.join(dereferencedPath, filename), JSON.stringify(schema, null, 2))
💡 Title: Use of non-literal require, Severity: High

docs/script/rest/update-files.js

Line 88 in bdb0f78

const schema = require(path.join(dereferencedPath, filename))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/rest/update-files.js

Line 104 in bdb0f78

fs.writeFileSync(filename, JSON.stringify(operations, null, 2))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/standardize-frontmatter-order.js

Line 30 in bdb0f78

const { content, data } = matter(fs.readFileSync(fullPath, 'utf8'))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/standardize-frontmatter-order.js

Line 36 in bdb0f78

fs.writeFileSync(fullPath, matter.stringify(content, newData, { lineWidth: 10000 }))
💡 Title: Use of non-literal fs filename, Severity: High

docs/script/test-render-translation.js

Line 54 in bdb0f78

const fileContents = await fs.promises.readFile(fullPath, 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/category-pages.js

Line 54 in bdb0f78

.filter(link => fs.existsSync(getPath(productDir, link, 'index')))
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/category-pages.js

Line 99 in bdb0f78

const childEntries = await fs.promises.readdir(categoryDir, { withFileTypes: true })
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/gitignore.js

Line 4 in bdb0f78

const gitignore = fs.readFileSync(gitignorePath, 'utf8')
💡 Title: Use of non-literal require, Severity: High

docs/tests/content/graphql.js

Line 23 in bdb0f78

const schemaJsonPerVersion = require(`../../lib/graphql/static/schema-${version}`)
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/site-data-references.js

Line 110 in bdb0f78

await fs.stat(filepath)
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/site-data.js

Line 48 in bdb0f78

await fs.writeFile(newFile, 'newvalue: bar')
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/content/site-data.js

Line 52 in bdb0f78

await fs.unlink(newFile)
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/graphql/build-changelog-test.js

Line 126 in bdb0f78

await fs.writeFile(testTargetPath, previousContents)
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/helpers/crowdin-config.js

Line 7 in bdb0f78

return yaml.load(fs.readFileSync(filename, 'utf8'), { filename })
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/meta/orphan-tests.js

Line 12 in bdb0f78

const testDirectory = await fs.readdir(pathToTests)
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/meta/orphan-tests.js

Line 21 in bdb0f78

await fs.stat(
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/rendering/rest.js

Line 20 in bdb0f78

const filenames = (await fs.readdir(referenceDir))
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/actions-workflows.js

Line 7 in bdb0f78

const workflows = fs.readdirSync(workflowsDir)
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/actions-workflows.js

Line 11 in bdb0f78

const data = yaml.load(fs.readFileSync(fullpath, 'utf8'), { fullpath })
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/early-access.js

Line 8 in bdb0f78

expect(await fs.stat(eaDir)).toBeTruthy()
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/early-access.js

Line 13 in bdb0f78

expect(await fs.stat(eaDir)).toBeTruthy()
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/early-access.js

Line 18 in bdb0f78

expect(await fs.stat(eaDir)).toBeTruthy()
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/get-rss-feeds.js

Line 6 in bdb0f78

const rssFeedContent = fs.readFileSync(path.join(process.cwd(), 'tests/fixtures/rss-feed.xml'), 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/search/parse-page-sections-into-records.js

Line 6 in bdb0f78

pageWithSections: fs.readFileSync(path.join(__dirname, 'fixtures/page-with-sections.html'), 'utf8'),
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/search/parse-page-sections-into-records.js

Line 7 in bdb0f78

pageWithoutSections: fs.readFileSync(path.join(__dirname, 'fixtures/page-without-sections.html'), 'utf8')
💡 Title: Use of non-literal fs filename, Severity: High

docs/tests/unit/search/topics.js

Line 12 in bdb0f78

const fileContent = fs.readFileSync(filename, 'utf8')
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/contextualizers/rest.js

Line 14 in bdb0f78

'/developers/apps'
💡 Title: Path Traversal from user input, Severity: High

docs/lib/rewrite-local-links.js

Line 40 in bdb0f78

newHref = path.join('/', languageCode, href)
💡 Title: Path Traversal from user input, Severity: High

docs/lib/rewrite-local-links.js

Line 47 in bdb0f78

newHref = path.join('/', languageCode, href)
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/early-access-breadcrumbs.js

Line 63 in bdb0f78

const mapTopicOrArticlePath = path.posix.join(categoryPath, pathParts[2])
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/early-access-breadcrumbs.js

Line 50 in bdb0f78

const categoryPath = removeFPTFromPath(path.posix.join('/', 'en', req.context.currentVersion, 'early-access', pathParts[0], pathParts[1]))
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/breadcrumbs.js

Line 35 in bdb0f78

title: product.title
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/breadcrumbs.js

Line 49 in bdb0f78

const categoryPath = removeFPTFromPath(path.posix.join('/', req.context.currentLanguage, req.context.currentVersion, productPath, pathParts[1]))
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/breadcrumbs.js

Line 21 in bdb0f78

const productPath = path.posix.join('/', req.context.currentProduct)
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/breadcrumbs.js

Line 34 in bdb0f78

href: removeFPTFromPath(path.posix.join('/', req.context.currentLanguage, req.context.currentVersion, productPath)),
💡 Title: Path Traversal from user input, Severity: High

docs/middleware/archived-enterprise-versions-assets.js

Line 22 in bdb0f78

const proxyPath = path.join('/', requestedVersion, assetPath)
💡 Title: Path Traversal from user input, Severity: High

docs/lib/get-link-data.js

Line 37 in bdb0f78

const href = removeFPTFromPath(path.join('/', context.currentLanguage, version, linkPath))

More info on how to fix Insecure File Management in JavaScript.

Insecure Use of Regular Expressions (34)
Docs Details
💡 Title: Regex DOS (ReDOS), Severity: Medium

docs/lib/patterns.js

Line 12 in bdb0f78

enterprise: /\/enterprise(?:\/|$|\?)(\d+\.\d+)?/,
💡 Title: Regex DOS (ReDOS), Severity: Medium

docs/lib/patterns.js

Line 13 in bdb0f78

admin: /enterprise\/(\d+\.\d+\/)?admin\/?/,
💡 Title: Regex DOS (ReDOS), Severity: Medium

docs/lib/patterns.js

Line 14 in bdb0f78

gheUser: /enterprise\/(\d+\.\d+\/)?user(\/|$|\?)/,
💡 Title: Regex DOS (ReDOS), Severity: Medium

docs/lib/patterns.js

Line 15 in bdb0f78

enterpriseHomepage: /\/enterprise\/?(\d+\.\d+)?$/,

This comment has been truncated due to comment length limitations, please go to the dashboard for further details.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@restyled-commits