Bump fjogeleit/http-request-action from 1.14.0 to 1.16.4 #8486
dependabot[bot]continuous-integration.yml
on: push
Matrix: Build
login-to-amazon-ecr
3s
Validate App Registry
28s
Unit Tests
57s
Linting
1m 45s
Security Audit
33s
Drupal Cache Test
4m 30s
Run Jenkins CI
5s
Testing Reports
0s
Matrix: Deploy
Notify Failure
0s
Annotations
18 errors and 24 warnings
|
login-to-amazon-ecr
Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers
|
|
Run Jenkins CI
Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers
|
|
Security Audit
Security advisory:
Title: qs vulnerable to Prototype Pollution
Module name: qs
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>qs
Severity: high
Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
|
|
Security Audit
Security advisory:
Title: tough-cookie Prototype Pollution vulnerability
Module name: tough-cookie
Dependency: node-libcurl
Path: node-libcurl>node-gyp>request>tough-cookie
Severity: moderate
Details: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
|
|
Security Audit
Security advisory:
Title: qs vulnerable to Prototype Pollution
Module name: qs
Dependency: express
Path: express>qs
Severity: high
Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
|
|
Security Audit
Security advisory:
Title: send vulnerable to template injection that can lead to XSS
Module name: send
Dependency: express
Path: express>send
Severity: low
Details: https://github.com/advisories/GHSA-m6fv-jmcg-4jfg
|
|
Security Audit
Security advisory:
Title: serve-static vulnerable to template injection that can lead to XSS
Module name: serve-static
Dependency: express
Path: express>serve-static
Severity: low
Details: https://github.com/advisories/GHSA-cm22-4g7w-348p
|
|
Security Audit
Security advisory:
Title: Unpatched `path-to-regexp` ReDoS in 0.1.x
Module name: path-to-regexp
Dependency: express
Path: express>path-to-regexp
Severity: high
Details: https://github.com/advisories/GHSA-rhx6-c78j-4q9w
|
|
Security Audit
Security advisory:
Title: path-to-regexp outputs backtracking regular expressions
Module name: path-to-regexp
Dependency: express
Path: express>path-to-regexp
Severity: high
Details: https://github.com/advisories/GHSA-9wv6-86v2-598j
|
|
Security Audit
Security advisory:
Title: Command Injection in moment-timezone
Module name: moment-timezone
Dependency: moment-timezone
Path: moment-timezone
Severity: low
Details: https://github.com/advisories/GHSA-56x4-j7p9-fcf9
|
|
Security Audit
Security advisory:
Title: Cleartext Transmission of Sensitive Information in moment-timezone
Module name: moment-timezone
Dependency: moment-timezone
Path: moment-timezone
Severity: moderate
Details: https://github.com/advisories/GHSA-v78c-4p63-2j6c
|
|
Security Audit
Security advisory:
Title: Moment.js vulnerable to Inefficient Regular Expression Complexity
Module name: moment
Dependency: moment
Path: moment
Severity: high
Details: https://github.com/advisories/GHSA-wc69-rhjr-hc9g
|
|
Unit Tests
❌ Failed to create checks using the provided token. (HttpError: Resource not accessible by integration)
|
|
Build (vagovprod)
User: arn:aws-us-gov:sts::***:assumed-role/dsva-vagov-content-build-gha-runner-role/i-0ba091be889ebe188 is not authorized to perform: sts:TagSession on resource: ***
|
|
Build (vagovstaging)
The job was canceled because "vagovprod" failed.
|
|
Build (vagovstaging)
The operation was canceled.
|
|
Build (vagovdev)
The job was canceled because "vagovprod" failed.
|
|
Build (vagovdev)
The operation was canceled.
|
|
Build (vagovdev)
Your workflow is using a version of actions/cache that is scheduled for deprecation, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8. Please update your workflow to use either v3 or v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
|
|
Build (vagovstaging)
Your workflow is using a version of actions/cache that is scheduled for deprecation, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8. Please update your workflow to use either v3 or v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
|
|
Build (vagovprod)
Your workflow is using a version of actions/cache that is scheduled for deprecation, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8. Please update your workflow to use either v3 or v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
|
|
login-to-amazon-ecr
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Run Jenkins CI
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Validate App Registry
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Security Audit
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Unit Tests
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Unit Tests
⚠️ This usually indicates insufficient permissions. More details: https://github.com/mikepenz/action-junit-report/issues/23
|
|
Linting
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Linting:
config/webpack.config.js#L31
config/webpack.config.js:31:22:Use an object spread instead of `Object.assign` eg: `{ ...foo }`.
|
|
Linting:
script/pr-check.js#L122
script/pr-check.js:122:7:Use array destructuring.
|
|
Linting:
script/pr-check.js#L129
script/pr-check.js:129:7:Unary operator '++' used.
|
|
Linting:
script/pr-check.js#L134
script/pr-check.js:134:7:Unary operator '++' used.
|
|
Linting:
script/run-unit-test.js#L2
script/run-unit-test.js:2:35:Unexpected use of file extension "js" for "./run-unit-test-help.js"
|
|
Linting:
script/serve.js#L2
script/serve.js:2:25:`command-line-args` import should occur before import of `./utils`
|
|
Linting:
src/platform/testing/e2e/cypress/support/commands/keyboard.js#L8
src/platform/testing/e2e/cypress/support/commands/keyboard.js:8:33:Unary operator '++' used.
|
|
Linting:
src/platform/testing/unit/axe-plugin.js#L1
src/platform/testing/unit/axe-plugin.js:1:18:Unexpected unnamed function.
|
|
Linting:
src/platform/testing/unit/axe-plugin.js#L5
src/platform/testing/unit/axe-plugin.js:5:59:Unexpected unnamed function.
|
|
Linting:
src/platform/testing/unit/renameKey.unit.spec.js#L8
src/platform/testing/unit/renameKey.unit.spec.js:8:3:Cypress E2E tests must include at least one axeCheck call. Documentation for adding checks and understanding errors can be found here: https://depo-platform-documentation.scrollhelp.site/developer-docs/A11y-Testing.1935409178.html
|
|
Drupal Cache Test
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Build (vagovprod)
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|
|
Build (vagovstaging)
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|
|
Build (vagovdev)
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|