techulus / push-github-action Goto Github PK
View Code? Open in Web Editor NEWGithub Action for Push by Techulus
License: MIT License
Github Action for Push by Techulus
License: MIT License
This PR was automatically created by Snyk using the credentials of a real user.
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
479/1000 Why? Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIVESUPPORT-3237242 |
No | No Known Exploit | |
591/1000 Why? Recently disclosed, Has a fix available, CVSS 6.1 |
Cross-site Scripting (XSS) SNYK-RUBY-ACTIVESUPPORT-3360028 |
No | No Known Exploit | |
654/1000 Why? Has a fix available, CVSS 8.8 |
Integer Overflow or Wraparound SNYK-RUBY-COMMONMARKER-2415031 |
Yes | No Known Exploit | |
486/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.3 |
Out-of-bounds Read SNYK-RUBY-COMMONMARKER-3318398 |
Yes | Proof of Concept | |
429/1000 Why? Has a fix available, CVSS 4.3 |
Denial of Service (DoS) SNYK-RUBY-COMMONMARKER-3318399 |
Yes | No Known Exploit | |
646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 |
Denial of Service (DoS) SNYK-RUBY-COMMONMARKER-3318400 |
Yes | Proof of Concept | |
536/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.3 |
Denial of Service (DoS) SNYK-RUBY-COMMONMARKER-3318401 |
Yes | Proof of Concept | |
589/1000 Why? Has a fix available, CVSS 7.5 |
XML External Entity (XXE) Injection SNYK-RUBY-NOKOGIRI-1726792 |
No | No Known Exploit | |
619/1000 Why? Has a fix available, CVSS 8.1 |
Use After Free SNYK-RUBY-NOKOGIRI-2413994 |
No | No Known Exploit | |
589/1000 Why? Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-RUBY-NOKOGIRI-2620374 |
No | No Known Exploit | |
589/1000 Why? Has a fix available, CVSS 7.5 |
Out-of-bounds Write SNYK-RUBY-NOKOGIRI-2630623 |
No | No Known Exploit | |
589/1000 Why? Has a fix available, CVSS 7.5 |
Denial of Service (DoS) SNYK-RUBY-NOKOGIRI-2630898 |
No | No Known Exploit | |
624/1000 Why? Has a fix available, CVSS 8.2 |
Improper Handling of Unexpected Data Type SNYK-RUBY-NOKOGIRI-2840634 |
No | No Known Exploit | |
589/1000 Why? Has a fix available, CVSS 7.5 |
NULL Pointer Dereference SNYK-RUBY-NOKOGIRI-3052880 |
No | No Known Exploit | |
589/1000 Why? Has a fix available, CVSS 7.5 |
Directory Traversal SNYK-RUBY-TZINFO-2958048 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Cross-site Scripting (XSS)
🦉 XML External Entity (XXE) Injection
🦉 More lessons are available in Snyk Learn
Originally posted by @NahNick in NahNick/opensource.guide#11
New Crowdin translations, automated with Github Actions
See .github/workflows/crowdin-download.yml
This PR will be updated every day with new translations.
Due to a limitation in Github Actions, checks are not running on this PR without manual action.
If you want to run the checks, then close and re-open it.
Originally posted by @github-actions in mastodon/mastodon#27220
When unfollowing a user that follows you, Mastodon should ask through a confirmation dialogue if you would also like that user to be removed as a follower (as can be done through the /relationships screen).
This dialogue should be configurable as such:
"Softblocking"—blocking a user and then unblocking them to force an unfollow—is in common practice on Mastodon. This functionality should be implemented in the UI itself. Accounts which maintain small and roughly symmetrical following/follower typically do not want to maintain followers who they do not themselves follow.
Originally posted by @a-dows in mastodon/mastodon#26891
git checkout main
docker compose build --progress plain
#20 27.04 Bundler 2.4.10 is running, but your lockfile was generated with 2.4.13. Installing Bundler 2.4.13 and restarting using that version.
#20 27.21 There was an error installing the locked bundler version (2.4.13), rerun with the `--verbose` flag for more details. Going on using bundler 2.4.10.
#20 27.29 Could not load OpenSSL.
#20 27.29 You must recompile Ruby with OpenSSL support.
#20 ERROR: process "/bin/bash -o pipefail -c apt-get update && apt-get install -y --no-install-recommends build-essential git libicu-dev libidn-dev libpq-dev libjemalloc-dev zlib1g-dev libgdbm-dev libgmp-dev libssl-dev libyaml-0-2 ca-certificates libreadline8 python3 shared-mime-info && bundle config set --local deployment 'true' && bundle config set --local without 'development test' && bundle config set silence_root_warning true && bundle install -j\"$(nproc)\" && yarn install --pure-lockfile --production --network-timeout 600000 && yarn cache clean" did not complete successfully: exit code: 17
Build succeeds
Build fails
No response
No response
main
No response
Originally posted by @CSDUMMI in mastodon/mastodon#26888
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.