[dev-dependency](deps-dev): Bump ajv from 6.12.6 to 6.14.0 in /electron-app#181
Closed
dependabot[bot] wants to merge 1 commit intomainfrom
Closed
[dev-dependency](deps-dev): Bump ajv from 6.12.6 to 6.14.0 in /electron-app#181dependabot[bot] wants to merge 1 commit intomainfrom
dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.6 to 6.14.0. - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.14.0) --- updated-dependencies: - dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependabot
Owner
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Contributor
Summary of Pull RequestTitle: dev-dependency: Bump ajv from 6.12.6 to 6.14.0 in This pull request updates the Key Updates:
|
❌ 1 Tests Failed:
View the top 1 failed test(s) by shortest run time
To view more test analytics, go to the Test Analytics Dashboard |
Contributor
✅
|
| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 42 | 0 | 0 | 0.98s | |
| ✅ COPYPASTE | jscpd | yes | no | no | 50.36s | |
| stylelint | 9 | 306 | 0 | 13.2s | ||
| djlint | 2 | 3 | 0 | 2.67s | ||
| ✅ HTML | htmlhint | 2 | 0 | 0 | 0.49s | |
| prettier | 318 | 318 | 0 | 97.0s | ||
| jsonlint | 25 | 2 | 0 | 3.74s | ||
| prettier | 25 | 21 | 0 | 8.49s | ||
| v8r | 25 | 1 | 0 | 49.26s | ||
| markdownlint | 36 | 58 | 0 | 21.09s | ||
| ✅ MARKDOWN | markdown-table-formatter | 28 | 0 | 0 | 7.15s | |
| ✅ POWERSHELL | powershell | 3 | 0 | 0 | 4.64s | |
| ✅ POWERSHELL | powershell_formatter | 3 | 0 | 0 | 3.16s | |
| ✅ REPOSITORY | checkov | yes | no | no | 47.74s | |
| devskim | yes | 1 | 1 | 9.18s | ||
| ✅ REPOSITORY | dustilock | yes | no | no | 6.14s | |
| ✅ REPOSITORY | gitleaks | yes | no | no | 5.57s | |
| ✅ REPOSITORY | git_diff | yes | no | no | 0.31s | |
| grype | yes | 2 | 50 | 79.99s | ||
| kics | yes | 1 | 1 | 5.16s | ||
| ✅ REPOSITORY | kingfisher | yes | no | no | 8.35s | |
| secretlint | yes | 3 | no | 20.26s | ||
| ✅ REPOSITORY | syft | yes | no | no | 25.96s | |
| trivy | yes | 6 | 11 | 11.42s | ||
| ✅ REPOSITORY | trivy-sbom | yes | no | no | 6.11s | |
| ✅ REPOSITORY | trufflehog | yes | no | no | 14.95s | |
| cspell | 782 | 2913 | 0 | 1417.86s | ||
| lychee | 118 | 4 | 0 | 137.57s | ||
| ts-standard | 306 | 306 | 0 | 118.07s | ||
| ✅ XML | xmllint | 1 | 0 | 0 | 1.43s | |
| prettier | 54 | 52 | 104 | 19.66s | ||
| ✅ YAML | v8r | 54 | 0 | 0 | 114.76s | |
| ✅ YAML | yamllint | 54 | 0 | 0 | 10.63s |
Detailed Issues
⚠️ SPELL / cspell - 2913 errors
Results of cspell linter (version 9.4.0)
See documentation on https://megalinter.io/9.3.0/descriptors/spell_cspell/
-----------------------------------------------
✅ [SUCCESS] .checkov.yml
✅ [SUCCESS] .devskim.json
✅ [SUCCESS] .djlintrc
✅ [SUCCESS] .git/FETCH_HEAD
✅ [SUCCESS] .git/HEAD
❌ [ERROR] .git/config
.git/config:11:13 - Unknown word (gitdir) -- [includeIf "gitdir:/home/runner/work/FitFileView
Suggestions: [gitdm, gilder, girder, gitter, giddier]
.git/config:13:13 - Unknown word (gitdir) -- [includeIf "gitdir:/home/runner/work/FitFileView
Suggestions: [gitdm, gilder, girder, gitter, giddier]
.git/config:13:71 - Unknown word (worktrees) -- FileViewer/FitFileViewer/.git/worktrees/*"]
Suggestions: [workers, worker's, workarea, workArea, worries]
.git/config:15:13 - Unknown word (gitdir) -- [includeIf "gitdir:.git
Suggestions: [gitdm, gilder, girder, gitter, giddier]
.git/config:17:13 - Unknown word (gitdir) -- [includeIf "gitdir:.git
Suggestions: [gitdm, gilder, girder, gitter, giddier]
.git/config:17:43 - Unknown word (worktrees) -- .git/worktrees/*"]
Suggestions: [workers, worker's, workarea, workArea, worries]
CSpell: Files checked: 1, Issues found: 6 in 1 file.
✅ [SUCCESS] .git/description
✅ [SUCCESS] .git/index
✅ [SUCCESS] .git/info/exclude
✅ [SUCCESS] .git/logs/HEAD
✅ [SUCCESS] .git/logs/refs/remotes/pull/181/merge
✅ [SUCCESS] .git/refs/remotes/pull/181/merge
✅ [SUCCESS] .git/shallow
❌ [ERROR] .github/.spellcheck.yml
.github/.spellcheck.yml:6:11 - Unknown word (wordlists) -- wordlists:
Suggestions: [wordless, wordiest, worldliest, worsts, wrists]
.github/.spellcheck.yml:7:18 - Unknown word (wordlist) -- - .wordlist.txt
Suggestions: [wordiest, wordless, worldliest, worlds, wordily]
.github/.spellcheck.yml:10:17 - Unknown word (pyspelling) -- - pyspelling.filters.markdown:
Suggestions: [propelling, pistolling]
.github/.spellcheck.yml:12:23 - Unknown word (pymdownx) -- - pymdownx.superfences
Suggestions: [mydown, myDown, putdown, putdowns]
.github/.spellcheck.yml:12:32 - Unknown word (superfences) -- - pymdownx.superfences
Suggestions: [supervenes, superdense, superfine, supervene, supersedes]
.github/.spellcheck.yml:13:17 - Unknown word (pyspelling) -- - pyspelling.filters.html:
Suggestions: [propelling, pistolling]
CSpell: Files checked: 1, Issues
(Truncated to 2500 characters out of 572284)
⚠️ REPOSITORY / devskim - 1 error
[15:36:58 ERR] Failed to parse Data at the root level is invalid. Line 1, position 1. as a XML document: null
[15:36:58 ERR] Failed to parse Data at the root level is invalid. Line 1, position 1. as a XML document: null
.devskim.json:41:46:41:55 [ManualReview] DS162092 Do not leave debug code in production
.devskim.json:47:66:47:75 [ManualReview] DS162092 Do not leave debug code in production
.devskim.json:53:61:53:70 [ManualReview] DS162092 Do not leave debug code in production
.devskim.json:59:61:59:70 [ManualReview] DS162092 Do not leave debug code in production
[15:36:58 ERR] Failed to parse Data at the root level is invalid. Line 1, position 1. as a XML document: null
electron-app/utils/ui/quickColorSwitcher.js:82:69:82:86 [Moderate] DS137138 Insecure URL
electron-app/utils/ui/quickColorSwitcher.js:110:49:110:66 [Moderate] DS137138 Insecure URL
electron-app/utils/ui/quickColorSwitcher.js:387:16:388:54 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/ui/settingsModal.js:38:8:38:21 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/ui/settingsModal.js:102:50:102:67 [Moderate] DS137138 Insecure URL
electron-app/utils/ui/settingsModal.js:108:50:108:67 [Moderate] DS137138 Insecure URL
electron-app/utils/ui/settingsModal.js:151:53:151:70 [Moderate] DS137138 Insecure URL
electron-app/utils/ui/settingsModal.js:409:8:409:21 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/net/networkUtils.js:22:35:22:70 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/debug/stateDevTools.js:589:43:589:52 [ManualReview] DS162092 Do not leave debug code in production
electron-app/utils/debug/stateDevTools.js:590:46:590:55 [ManualReview] DS162092 Do not leave debug code in production
electron-app/utils/ui/components/createSettingsHeader.js:547:12:547:25 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/ui/components/createSettingsHeader.js:1122:8:1123:44 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/ui/components/createSettingsHeader.js:1246:29:1246:42 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/ui/components/createSettingsHeader.js:1524:8:1525:44 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/ui/components/ensureChartSettingsDropdowns.js:69:8:71:41 [ManualReview] DS172411 Review setTimeout for untrusted data
electron-app/utils/u
(Truncated to 2500 characters out of 32428)
⚠️ HTML / djlint - 3 errors
Results of djlint linter (version 1.36.4)
See documentation on https://megalinter.io/9.3.0/descriptors/html_djlint/
-----------------------------------------------
❌ [ERROR] electron-app/ffv/index.html
Linting 0/1 files ┈┈┈┈┈┈┈┈┈┈ 00:00
Linting 1/1 files ━━━━━━━━━━ 00:00
Linting 1/1 files ━━━━━━━━━━ 00:00
electron-app/ffv/index.html
───────────────────────────────────────────────────────────────────────────────
H031 2:0 Consider adding meta keywords. <html lang="en">
H037 5:59 Duplicate attribute found. initial-scale
Linted 1 file, found 2 errors.
❌ [ERROR] electron-app/index.html
Linting 0/1 files ┈┈┈┈┈┈┈┈┈┈ 00:00
Linting 1/1 files ━━━━━━━━━━ 00:01
Linting 1/1 files ━━━━━━━━━━ 00:01
Linting 1/1 files ━━━━━━━━━━ 00:01
electron-app/index.html
───────────────────────────────────────────────────────────────────────────────
H006 93:24 Img tag should have height and width attributes. <img
Linted 1 file, found 1 error.
⚠️ REPOSITORY / grype - 2 errors
warning: A medium vulnerability in npm package: ajv, version 6.12.6 was found at: /docusaurus/package-lock.json
warning: A medium vulnerability in npm package: ajv, version 8.17.1 was found at: /docusaurus/package-lock.json
error: A high vulnerability in npm package: minimatch, version 3.1.2 was found at: /docusaurus/package-lock.json
error: A high vulnerability in npm package: minimatch, version 9.0.5 was found at: /docusaurus/package-lock.json
warning: A medium vulnerability in npm package: lodash, version 4.17.21 was found at: /electron-app/package-lock.json
warning: A medium vulnerability in npm package: lodash, version 4.17.21 was found at: /docusaurus/package-lock.json
warning: A medium vulnerability in npm package: lodash-es, version 4.17.21 was found at: /docusaurus/package-lock.json
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/release-stats.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/sitemap.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/codeql.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/dependency-review.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/devskim.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/electronegativity.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/eslint.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/flatpak-build.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/git-sizer-dispatch.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/git-sizer.yml
warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.14.1 was found at: /.github/workflows/gitleaks.yml
warning
(Truncated to 2500 characters out of 7559)
⚠️ JSON / jsonlint - 2 errors
Results of jsonlint linter (version 16.0.0)
See documentation on https://megalinter.io/9.3.0/descriptors/json_jsonlint/
-----------------------------------------------
✅ [SUCCESS] .devskim.json
✅ [SUCCESS] .jscpd.json
✅ [SUCCESS] .markdown-link-check.json
✅ [SUCCESS] .markdownlint.json
✅ [SUCCESS] .prettierrc.json
✅ [SUCCESS] .vscode/extensions.json
✅ [SUCCESS] .vscode/launch.json
✅ [SUCCESS] .vscode/settings.json
✅ [SUCCESS] .vscode/tasks.json
✅ [SUCCESS] cspell.json
✅ [SUCCESS] docusaurus/package-lock.json
✅ [SUCCESS] docusaurus/package.json
✅ [SUCCESS] docusaurus/tsconfig.json
✅ [SUCCESS] docusaurus/typedoc.json
✅ [SUCCESS] docusaurus/typedoc.local.json
✅ [SUCCESS] electron-app/.markdown-link-check.json
✅ [SUCCESS] electron-app/.markdownlint.json
✅ [SUCCESS] electron-app/.npmpackagejsonlintrc.json
✅ [SUCCESS] electron-app/.vscode/tasks.json
✅ [SUCCESS] electron-app/ffv/manifest.json
✅ [SUCCESS] electron-app/package-lock.json
✅ [SUCCESS] electron-app/package.json
❌ [ERROR] electron-app/tsconfig.json
File: electron-app/tsconfig.json
Parse error on line 57, column 9:
...ck": false, // We use extensive ...
----------------------^
Unexpected token "/"
❌ [ERROR] electron-app/tsconfig.vitest.json
File: electron-app/tsconfig.vitest.json
Parse error on line 5, column 9:
...Options": { // Vitest's typechec...
----------------------^
Unexpected token "/"
✅ [SUCCESS] mermaid.config.json
⚠️ REPOSITORY / kics - 1 error
warning: Action is not pinned to a full length commit SHA.
┌─ .github/workflows/vitest.yml:92:1
│
92 │ uses: codecov/test-results-action@v1
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= Unpinned Actions Full Length Commit SHA
= Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.
warning: 1 warnings emitted
⚠️ SPELL / lychee - 4 errors
Results of lychee linter (version 0.18.0)
See documentation on https://megalinter.io/9.3.0/descriptors/spell_lychee/
-----------------------------------------------
✅ [SUCCESS] .checkov.yml
✅ [SUCCESS] .devskim.json
✅ [SUCCESS] .github/.spellcheck.yml
✅ [SUCCESS] .github/CHANGELOG.md
✅ [SUCCESS] .github/ISSUE_TEMPLATE/bug_report.md
✅ [SUCCESS] .github/ISSUE_TEMPLATE/custom-issue.md
✅ [SUCCESS] .github/ISSUE_TEMPLATE/feature_request.md
✅ [SUCCESS] .github/PROMPTS/Consistency-Check.prompt.md
✅ [SUCCESS] .github/PROMPTS/Continue.prompt.md
✅ [SUCCESS] .github/PROMPTS/Do-ToDo.prompt.md
✅ [SUCCESS] .github/PROMPTS/Generate-100%-Test-Coverage.prompt.md
✅ [SUCCESS] .github/PROMPTS/Review.prompt.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/README.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/bugfix.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/documentation.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/feature.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/maintenance.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/pull_request_template.md
✅ [SUCCESS] .github/PULL_REQUEST_TEMPLATE/quick-fix.md
✅ [SUCCESS] .github/agents/BeastMode.agent.md
✅ [SUCCESS] .github/copilot-commit-message-instructions.md
✅ [SUCCESS] .github/copilot-instructions.md
✅ [SUCCESS] .github/dependabot.yml
✅ [SUCCESS] .github/workflows/ActionLint.yml
✅ [SUCCESS] .github/workflows/Build.yml
✅ [SUCCESS] .github/workflows/VirusTotal.yml
✅ [SUCCESS] .github/workflows/build-win7.yml
✅ [SUCCESS] .github/workflows/cleanReleases.yml
✅ [SUCCESS] .github/workflows/codeql.yml
✅ [SUCCESS] .github/workflows/dependency-review.yml
✅ [SUCCESS] .github/workflows/devskim.yml
✅ [SUCCESS] .github/workflows/docusaurus.yml
✅ [SUCCESS] .github/workflows/electronegativity.yml
✅ [SUCCESS] .github/workflows/eslint.yml
✅ [SUCCESS] .github/workflows/flatpak-build.yml
✅ [SUCCESS] .github/workflows/git-sizer-dispatch.yml
✅ [SUCCESS] .github/workflows/git-sizer.yml
✅ [SUCCESS] .github/workflows/gitleaks.yml
✅ [SUCCESS] .github/workflows/greetings.yml
✅ [SUCCESS] .github/workflows/jekyll-gh-pages.yml
✅ [SUCCESS] .github/workflows/mega-linter.yml
✅ [SUCCESS] .github/workflows/npm-audit.yml
✅ [SUCCESS] .github/workflows/osv-scanner.yml
✅ [SUCCESS] .github/workflows/prettier.yml
✅ [SUCCESS] .github/workflows/print-release-asset-sizes.yml
✅ [SUCCESS] .github/workflows/pssecret-scanner.yml
✅ [SUCCESS] .github/workflows/rebase.yml
✅ [SUCCESS] .github/workflows/release-stats.yml
✅ [SUCCESS] .github/workflows/repo-stats.yml
✅ [SUCCESS] .github
(Truncated to 2500 characters out of 252337)
⚠️ MARKDOWN / markdownlint - 58 errors
Results of markdownlint linter (version 0.47.0)
See documentation on https://megalinter.io/9.3.0/descriptors/markdown_markdownlint/
-----------------------------------------------
✅ [SUCCESS] .github/CHANGELOG.md
✅ [SUCCESS] .github/ISSUE_TEMPLATE/bug_report.md
✅ [SUCCESS] .github/ISSUE_TEMPLATE/custom-issue.md
✅ [SUCCESS] .github/ISSUE_TEMPLATE/feature_request.md
❌ [ERROR] .github/PROMPTS/Consistency-Check.prompt.md
.github/PROMPTS/Consistency-Check.prompt.md:54 error MD032/blanks-around-lists Lists should be surrounded by blank lines [Context: "- Relevant file path(s) with c..."]
.github/PROMPTS/Consistency-Check.prompt.md:65 error MD032/blanks-around-lists Lists should be surrounded by blank lines [Context: "- The preferred approach or ex..."]
.github/PROMPTS/Consistency-Check.prompt.md:72 error MD032/blanks-around-lists Lists should be surrounded by blank lines [Context: "- **Quick Wins** – light stand..."]
.github/PROMPTS/Consistency-Check.prompt.md:87 error MD032/blanks-around-lists Lists should be surrounded by blank lines [Context: "1. **Understand the Context**:..."]
.github/PROMPTS/Consistency-Check.prompt.md:98 error MD032/blanks-around-lists Lists should be surrounded by blank lines [Context: "- Different naming conventions..."]
❌ [ERROR] .github/PROMPTS/Continue.prompt.md
.github/PROMPTS/Continue.prompt.md:9 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "- This is a generic continuati..."]
❌ [ERROR] .github/PROMPTS/Do-ToDo.prompt.md
.github/PROMPTS/Do-ToDo.prompt.md:9 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "- Begin by clearing any existi..."]
.github/PROMPTS/Do-ToDo.prompt.md:21:124 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: '.']
❌ [ERROR] .github/PROMPTS/Generate-100%-Test-Coverage.prompt.md
.github/PROMPTS/Generate-100%-Test-Coverage.prompt.md:53:1 error MD029/ol-prefix Ordered list item prefix [Expected: 1; Actual: 6; Style: 1/2/3]
.github/PROMPTS/Generate-100%-Test-Coverage.prompt.md:54:1 error MD029/ol-prefix Ordered list item prefix [Expected: 2; Actual: 7; Style: 1/2/3]
.github/PROMPTS/Generate-100%-Test-Coverage.prompt.md:100:32 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: ':']
❌ [ERROR] .github/PROMPTS/Review.prompt.md
.github/PROMPTS/Review.prompt.md:9 error MD041/first-line-heading
(Truncated to 2500 characters out of 10103)
⚠️ JAVASCRIPT / prettier - 318 errors
Results of prettier linter (version 3.7.4)
See documentation on https://megalinter.io/9.3.0/descriptors/javascript_prettier/
-----------------------------------------------
❌ [ERROR] electron-app/__mocks__/electron.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/Results-H2VOSWW7.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/Sprite-BZ4Kwmf3.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/binaryString-DLpsQS3c.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/findFields-C7eiFatx.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/getMessagesForName-CXPND5Gu.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/index-B6xcXKpx.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/index-C1xoUegX.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/index-CQWboq_8.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/index-D4CCfpM1.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/index-LvWRIhnC.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/isUnknown-BvXlyTdW.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/useMeasure-Df3vRnzU.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' imported from noop.js
❌ [ERROR] electron-app/ffv/assets/waypoint_icons_sprite-Dqa_dKt2.js
Checking formatting...
[error] Cannot find package 'prettier-plugin-packagejson' importe
(Truncated to 2500 characters out of 54832)
⚠️ JSON / prettier - 21 errors
Results of prettier linter (version 3.7.4)
See documentation on https://megalinter.io/9.3.0/descriptors/json_prettier/
-----------------------------------------------
❌ [ERROR] .devskim.json
Checking formatting...
[warn] .devskim.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .jscpd.json
Checking formatting...
[warn] .jscpd.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .markdown-link-check.json
Checking formatting...
[warn] .markdown-link-check.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .markdownlint.json
Checking formatting...
[warn] .markdownlint.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .prettierrc.json
Checking formatting...
[warn] .prettierrc.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .vscode/extensions.json
Checking formatting...
[warn] .vscode/extensions.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .vscode/launch.json
Checking formatting...
[warn] .vscode/launch.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .vscode/settings.json
Checking formatting...
[warn] .vscode/settings.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .vscode/tasks.json
Checking formatting...
[warn] .vscode/tasks.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] cspell.json
Checking formatting...
[warn] cspell.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
✅ [SUCCESS] docusaurus/package-lock.json
✅ [SUCCESS] docusaurus/package.json
❌ [ERROR] docusaurus/tsconfig.json
Checking formatting...
[warn] docusaurus/tsconfig.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] docusaurus/typedoc.json
Checking formatting...
[warn] docusaurus/typedoc.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] docusaurus/typedoc.local.json
Checking formatting...
[warn] docusaurus/typedoc.local.json
[warn] Code style issues found
(Truncated to 2500 characters out of 4241)
⚠️ YAML / prettier - 52 errors
Results of prettier linter (version 3.7.4)
See documentation on https://megalinter.io/9.3.0/descriptors/yaml_prettier/
-----------------------------------------------
❌ [ERROR] .checkov.yml
Checking formatting...
[warn] .checkov.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/.spellcheck.yml
Checking formatting...
[warn] .github/.spellcheck.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/dependabot.yml
Checking formatting...
[warn] .github/dependabot.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/ActionLint.yml
Checking formatting...
[warn] .github/workflows/ActionLint.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/Build.yml
Checking formatting...
[warn] .github/workflows/Build.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/VirusTotal.yml
Checking formatting...
[warn] .github/workflows/VirusTotal.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/build-win7.yml
Checking formatting...
[warn] .github/workflows/build-win7.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/cleanReleases.yml
Checking formatting...
[warn] .github/workflows/cleanReleases.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/codeql.yml
Checking formatting...
[warn] .github/workflows/codeql.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/dependency-review.yml
Checking formatting...
[warn] .github/workflows/dependency-review.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/devskim.yml
Checking formatting...
[warn] .github/workflows/devskim.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.
❌ [ERROR] .github/workflows/docusaurus.yml
Checking formatting...
[warn] .github/workflows/docusaurus.yml
[warn] Code style issues found in the above file. Run Prettier
(Truncated to 2500 characters out of 10629)
⚠️ REPOSITORY / secretlint - 3 errors
error: found basic auth credential: *****************************
┌─ electron-app/tests/unit/main/ipc/registerExternalHandlers.test.js:161:56
│
161 │ await expect(shellOpenExternalHandler({}, "https://user:pass@example.com")).rejects.toThrow(
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= secretlint rule(@secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-basicauth) error
error: found basic auth credential: *****************************
┌─ electron-app/tests/unit/main/security/externalUrlPolicy.test.ts:20:43
│
20 │ expect(() => validateExternalUrl("https://user:pass@example.com")).toThrow();
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= secretlint rule(@secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-basicauth) error
error: found basic auth credential: *****************************
┌─ electron-app/tests/unit/main/updater/setupAutoUpdater.test.ts:68:23
│
68 │ feedURL: "https://user:pass@example.com/releases",
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= secretlint rule(@secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-basicauth) error
error: 3 errors emitted
⚠️ CSS / stylelint - 306 errors
Results of stylelint linter (version 16.26.1)
See documentation on https://megalinter.io/9.3.0/descriptors/css_stylelint/
-----------------------------------------------
❌ [ERROR] docusaurus/src/components/GitHubStats/styles.module.css
docusaurus/src/components/GitHubStats/styles.module.css
1:1 ✖ Expected class selector ".githubStats" to be kebab-case selector-class-pattern
8:1 ✖ Expected class selector ".statBadge" to be kebab-case selector-class-pattern
22:1 ✖ Expected class selector ".statBadge" to be kebab-case selector-class-pattern
✖ 3 problems (3 errors, 0 warnings)
❌ [ERROR] docusaurus/src/components/HomepageFeatures/styles.module.css
docusaurus/src/components/HomepageFeatures/styles.module.css
6:1 ✖ Expected class selector ".featuresTitle" to be kebab-case selector-class-pattern
13:1 ✖ Expected class selector ".featureCard" to be kebab-case selector-class-pattern
23:1 ✖ Expected class selector ".featureCard" to be kebab-case selector-class-pattern
29:1 ✖ Expected class selector ".featureIcon" to be kebab-case selector-class-pattern
35:1 ✖ Expected class selector ".featureTitle" to be kebab-case selector-class-pattern
42:1 ✖ Expected class selector ".featureDescription" to be kebab-case selector-class-pattern
✖ 6 problems (6 errors, 0 warnings)
❌ [ERROR] docusaurus/src/css/custom.css
docusaurus/src/css/custom.css
33:65 ✖ Expected "Roboto" to be "roboto" value-keyword-case
33:73 ✖ Expected "Ubuntu" to be "ubuntu" value-keyword-case
33:81 ✖ Expected "Cantarell" to be "cantarell" value-keyword-case
35:63 ✖ Expected "Menlo" to be "menlo" value-keyword-case
35:70 ✖ Expected "Monaco" to be "monaco" value-keyword-case
35:78 ✖ Expected "Consolas" to be "consolas" value-keyword-case
52:3 ✖ Unexpected empty line before custom property custom-property-empty-line-before
57:3 ✖ Unexpected empty line before custom property custom-property-empty-line-before
70:19 ✖ Expected "optimizeLegibility" to be "optimizelegibility"
(Truncated to 2500 characters out of 48264)
⚠️ REPOSITORY / trivy - 6 errors
warning: Package: ajv
Installed Version: 6.12.6
Vulnerability CVE-2025-69873
Severity: MEDIUM
Fixed Version: 8.18.0, 6.14.0
Link: [CVE-2025-69873](https://avd.aquasec.com/nvd/cve-2025-69873)
┌─ docusaurus/package-lock.json:6813:1
│
6813 │ ╭ "node_modules/ajv": {
6814 │ │ "version": "6.12.6",
6815 │ │ "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
6816 │ │ "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
· │
6827 │ │ }
6828 │ │ },
│ ╰^
│
= ajv: ReDoS via $data reference
= ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation.
warning: Package: ajv
Installed Version: 8.17.1
Vulnerability CVE-2025-69873
Severity: MEDIUM
Fixed Version: 8.18.0, 6.14.0
Link: [CVE-2025-69873](https://avd.aquasec.com/nvd/cve-2025-69873)
┌─ docusaurus/package-lock.json:6846:1
│
6846 │ ╭ "node_modules/ajv-formats/node_modules/ajv": {
6847 │ │ "version": "8.17.1",
6848 │ │ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
6849 │ │ "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
· │
6860 │ │ }
6861 │ │ },
│ ╰^
│
┌─ docusaurus/package-lock.json:18828:1
│
18828 │ ╭ "node_modules/schema-utils/node_modules/ajv": {
18829 │ │ "version": "8.17.1",
18830 │ │ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
18831 │ │ "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
· │
18842 │ │ }
18843 │ │ },
│ ╰^
│
=
(Truncated to 2500 characters out of 20316)
⚠️ TYPESCRIPT / ts-standard - 306 errors
Results of ts-standard linter (version 12.0.2)
See documentation on https://megalinter.io/9.3.0/descriptors/typescript_ts_standard/
-----------------------------------------------
❌ [ERROR] docusaurus/docusaurus.config.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] docusaurus/sidebars.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] docusaurus/src/js/modernEnhancements.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/fitsdk.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/global.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/Results-H2VOSWW7.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/Sprite-BZ4Kwmf3.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/binaryString-DLpsQS3c.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/findFields-C7eiFatx.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/getMessagesForName-CXPND5Gu.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/index-B6xcXKpx.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/index-C1xoUegX.d.ts
Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.
❌ [ERROR] electron-app/types/ffv/assets/inde
(Truncated to 2500 characters out of 62473)
⚠️ JSON / v8r - 1 error
Results of v8r linter (version 5.1.0)
See documentation on https://megalinter.io/9.3.0/descriptors/json_v8r/
-----------------------------------------------
✅ [SUCCESS] .devskim.json
✅ [SUCCESS] .jscpd.json
✅ [SUCCESS] .markdown-link-check.json
✅ [SUCCESS] .markdownlint.json
✅ [SUCCESS] .prettierrc.json
✅ [SUCCESS] .vscode/extensions.json
✅ [SUCCESS] .vscode/launch.json
✅ [SUCCESS] .vscode/settings.json
❌ [ERROR] .vscode/tasks.json
ℹ No config file found
ℹ Pre-warming the cache
ℹ Processing .vscode/tasks.json
ℹ Found schema in https://www.schemastore.org/api/json/catalog.json ...
ℹ Validating .vscode/tasks.json against schema from https://www.schemastore.org/task.json ...
✖ .vscode/tasks.json is invalid
.vscode/tasks.json#/tasks/7/group must be object
.vscode/tasks.json#/tasks/7/group must be equal to one of the allowed values
.vscode/tasks.json#/tasks/7/group must match a schema in anyOf
✅ [SUCCESS] cspell.json
✅ [SUCCESS] docusaurus/package-lock.json
✅ [SUCCESS] docusaurus/package.json
✅ [SUCCESS] docusaurus/tsconfig.json
✅ [SUCCESS] docusaurus/typedoc.json
✅ [SUCCESS] docusaurus/typedoc.local.json
✅ [SUCCESS] electron-app/.markdown-link-check.json
✅ [SUCCESS] electron-app/.markdownlint.json
✅ [SUCCESS] electron-app/.npmpackagejsonlintrc.json
✅ [SUCCESS] electron-app/.vscode/tasks.json
✅ [SUCCESS] electron-app/ffv/manifest.json
✅ [SUCCESS] electron-app/package-lock.json
✅ [SUCCESS] electron-app/package.json
✅ [SUCCESS] electron-app/tsconfig.json
✅ [SUCCESS] electron-app/tsconfig.vitest.json
✅ [SUCCESS] mermaid.config.json
See detailed reports in MegaLinter artifacts
Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)
- Documentation: Custom Flavors
- Command:
npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,COPYPASTE_JSCPD,CSS_STYLELINT,HTML_DJLINT,HTML_HTMLHINT,JAVASCRIPT_PRETTIER,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,POWERSHELL_POWERSHELL,POWERSHELL_POWERSHELL_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_DEVSKIM,REPOSITORY_DUSTILOCK,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,REPOSITORY_KINGFISHER,SPELL_CSPELL,SPELL_LYCHEE,TYPESCRIPT_STANDARD,XML_XMLLINT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/npm_and_yarn/electron-app/ajv-6.14.0
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps ajv from 6.12.6 to 6.14.0.
Commits
e3af0a76.14.0b552ed6add regExp option to address $data exploit via a regular expression (CVE-2025...72f2286docs: update v7 info231e52bMerge pull request #1320 from philsturgeon/patch-1d3475fcAdd spectral, an AJV util from a sponsor413afe0docs: v7.0.0-beta.311e997bupdate readme for v7Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.