Skip to content

Merge v3-alpha into master#5272

Merged
leaanthony merged 1911 commits into
masterfrom
merge/v3-alpha
Apr 29, 2026
Merged

Merge v3-alpha into master#5272
leaanthony merged 1911 commits into
masterfrom
merge/v3-alpha

More Go 1.25 vet fixes for windows-only code paths

5d3144a
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Apr 29, 2026 in 4s

12 new alerts including 1 critical severity security vulnerability

New alerts in code changed by this pull request

Security Alerts:

  • 1 critical
  • 3 high
  • 8 medium

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 89 in .github/workflows/build-and-test-v3.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 193 in .github/workflows/build-and-test-v3.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Check warning on line 289 in .github/workflows/build-cross-image.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Check warning on line 33 in .github/workflows/cross-compile-test-v3.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Check warning on line 120 in .github/workflows/cross-compile-test-v3.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 135 in .github/workflows/cross-compile-test-v3.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Check warning on line 46 in .github/workflows/publish-npm.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 11 in .github/workflows/test-simple.yml

See this annotation in the file changed.

Code scanning / CodeQL

Workflow does not contain permissions Medium test

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Check failure on line 271 in v3/examples/web-apis/xmlhttprequest/frontend/index.html

See this annotation in the file changed.

Code scanning / CodeQL

DOM text reinterpreted as HTML High

DOM text
is reinterpreted as HTML without escaping meta-characters.
DOM text
is reinterpreted as HTML without escaping meta-characters.

Check failure on line 50 in v3/examples/screen/main.go

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
.

Check failure on line 52 in v3/examples/screen/main.go

See this annotation in the file changed.

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
.

Check failure on line 572 in v3/internal/setupwizard/wizard.go

See this annotation in the file changed.

Code scanning / CodeQL

Command built from user-controlled sources Critical

This command depends on a
user-provided value
.