Security advisory: Title: qs vulnerable to Prototype Pollution Module name: qs Dependency: node-libcurl Path: node-libcurl>node-gyp>request>qs Severity: high Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp

Security advisory: Title: tough-cookie Prototype Pollution vulnerability Module name: tough-cookie Dependency: node-libcurl Path: node-libcurl>node-gyp>request>tough-cookie Severity: moderate Details: https://github.com/advisories/GHSA-72xf-g2v4-qvf3

Security advisory: Title: qs vulnerable to Prototype Pollution Module name: qs Dependency: express Path: express>qs Severity: high Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp

Security advisory: Title: send vulnerable to template injection that can lead to XSS Module name: send Dependency: express Path: express>send Severity: low Details: https://github.com/advisories/GHSA-m6fv-jmcg-4jfg

Security advisory: Title: serve-static vulnerable to template injection that can lead to XSS Module name: serve-static Dependency: express Path: express>serve-static Severity: low Details: https://github.com/advisories/GHSA-cm22-4g7w-348p

Security advisory: Title: Unpatched `path-to-regexp` ReDoS in 0.1.x Module name: path-to-regexp Dependency: express Path: express>path-to-regexp Severity: high Details: https://github.com/advisories/GHSA-rhx6-c78j-4q9w

Security advisory: Title: path-to-regexp outputs backtracking regular expressions Module name: path-to-regexp Dependency: express Path: express>path-to-regexp Severity: high Details: https://github.com/advisories/GHSA-9wv6-86v2-598j

Security advisory: Title: Command Injection in moment-timezone Module name: moment-timezone Dependency: moment-timezone Path: moment-timezone Severity: low Details: https://github.com/advisories/GHSA-56x4-j7p9-fcf9

Security advisory: Title: Cleartext Transmission of Sensitive Information in moment-timezone Module name: moment-timezone Dependency: moment-timezone Path: moment-timezone Severity: moderate Details: https://github.com/advisories/GHSA-v78c-4p63-2j6c

Security advisory: Title: Moment.js vulnerable to Inefficient Regular Expression Complexity Module name: moment Dependency: moment Path: moment Severity: high Details: https://github.com/advisories/GHSA-wc69-rhjr-hc9g

❌ Failed to create checks using the provided token. (HttpError: Resource not accessible by integration)

User: arn:aws-us-gov:iam::008577686731:user/service_account/svc-gha-vagov-cms-user is not authorized to perform: ssm:GetParameter on resource: arn:aws-us-gov:ssm:us-gov-west-1:008577686731:parameter/frontend-team/github-actions/parameters/AWS_FRONTEND_NONPROD_ROLE because no identity-based policy allows the ssm:GetParameter action

The job was canceled because "vagovdev" failed.

The operation was canceled.

The job was canceled because "vagovdev" failed.

The operation was canceled.

Your docker password is not masked. See https://github.com/aws-actions/amazon-ecr-login#docker-credentials for more information.

⚠️ This usually indicates insufficient permissions. More details: https://github.com/mikepenz/action-junit-report/issues/23

config/webpack.config.js:31:22:Use an object spread instead of `Object.assign` eg: `{ ...foo }`.

script/pr-check.js:122:7:Use array destructuring.

script/pr-check.js:129:7:Unary operator '++' used.

script/pr-check.js:134:7:Unary operator '++' used.

script/run-unit-test.js:2:35:Unexpected use of file extension "js" for "./run-unit-test-help.js"

script/serve.js:2:25:`command-line-args` import should occur before import of `./utils`

src/platform/testing/e2e/cypress/support/commands/keyboard.js:8:33:Unary operator '++' used.

src/platform/testing/unit/axe-plugin.js:1:18:Unexpected unnamed function.

src/platform/testing/unit/axe-plugin.js:5:59:Unexpected unnamed function.