Merge v3-alpha into master#5272
12 new alerts including 1 critical severity security vulnerability
New alerts in code changed by this pull request
Security Alerts:
- 1 critical
- 3 high
- 8 medium
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check warning on line 89 in .github/workflows/build-and-test-v3.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 193 in .github/workflows/build-and-test-v3.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 289 in .github/workflows/build-cross-image.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 33 in .github/workflows/cross-compile-test-v3.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 120 in .github/workflows/cross-compile-test-v3.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 135 in .github/workflows/cross-compile-test-v3.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 46 in .github/workflows/publish-npm.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium
Check warning on line 11 in .github/workflows/test-simple.yml
Code scanning / CodeQL
Workflow does not contain permissions Medium test
Check failure on line 271 in v3/examples/web-apis/xmlhttprequest/frontend/index.html
Code scanning / CodeQL
DOM text reinterpreted as HTML High
Check failure on line 50 in v3/examples/screen/main.go
Code scanning / CodeQL
Uncontrolled data used in path expression High
Check failure on line 52 in v3/examples/screen/main.go
Code scanning / CodeQL
Uncontrolled data used in path expression High
Check failure on line 572 in v3/internal/setupwizard/wizard.go
Code scanning / CodeQL
Command built from user-controlled sources Critical