Giter Site home page Giter Site logo

dots's Introduction

veritem

CI

Me in your Terminal

Example:

Makuza Mugabo Verite
Curious Open source developer
Version: 0.0.1


Usage: veritem [command] [option]

Options
 -h,--help               Shows Help messages
 -v,--version            Show the current version of cli


Commands

 $ github, gh            Open his github Profile
 $ twitter, twr          Open his twitter Profile
 $ blog, blg             Open his Blog Profile
 $ home, hm              Open his Personal Website
 $ birthDay,bd           View his cake date

To setup this on linux you just need to download it's binary here and execute it

Built with Deno 🦕

Licence

This project is under MIT Licence

dots's People

Contributors

veritem avatar

Stargazers

avatar avatar

Watchers

avatar

dots's Issues

CVE-2021-23382 (Medium) detected in postcss-6.0.23.tgz, postcss-5.2.18.tgz

CVE-2021-23382 - Medium Severity Vulnerability

Vulnerable Libraries - postcss-6.0.23.tgz, postcss-5.2.18.tgz

postcss-6.0.23.tgz

Tool for transforming styles with JS plugins

Library home page: https://registry.npmjs.org/postcss/-/postcss-6.0.23.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/postcss/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • stylelint-8.4.0.tgz
        • postcss-6.0.23.tgz (Vulnerable Library)
postcss-5.2.18.tgz

Tool for transforming styles with JS plugins

Library home page: https://registry.npmjs.org/postcss/-/postcss-5.2.18.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/postcss-less/node_modules/postcss/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • stylelint-8.4.0.tgz
        • postcss-less-1.1.5.tgz
          • postcss-5.2.18.tgz (Vulnerable Library)

Found in HEAD commit: bfaf82b0d7efa81c223d2bf7e5d08f661aa253e8

Found in base branch: main

Vulnerability Details

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*\s* sourceMappingURL=(.*).

Publish Date: 2021-04-26

URL: CVE-2021-23382

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382

Release Date: 2021-04-26

Fix Resolution: postcss - 8.2.13

Step up your Open Source Security Game with WhiteSource here

CVE-2020-7608 (Medium) detected in yargs-parser-9.0.2.tgz

CVE-2020-7608 - Medium Severity Vulnerability

Vulnerable Library - yargs-parser-9.0.2.tgz

the mighty option parser used by yargs

Library home page: https://registry.npmjs.org/yargs-parser/-/yargs-parser-9.0.2.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/yargs-parser/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-tslint-0.4.2.tgz
      • yargs-11.1.1.tgz
        • yargs-parser-9.0.2.tgz (Vulnerable Library)

Found in HEAD commit: bfaf82b0d7efa81c223d2bf7e5d08f661aa253e8

Found in base branch: main

Vulnerability Details

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload.

Publish Date: 2020-03-16

URL: CVE-2020-7608

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: yargs/yargs-parser@63810ca

Release Date: 2020-06-05

Fix Resolution: 5.0.1;13.1.2;15.0.1;18.1.1

Step up your Open Source Security Game with WhiteSource here

CVE-2021-33623 (High) detected in trim-newlines-1.0.0.tgz, trim-newlines-2.0.0.tgz

CVE-2021-33623 - High Severity Vulnerability

Vulnerable Libraries - trim-newlines-1.0.0.tgz, trim-newlines-2.0.0.tgz

trim-newlines-1.0.0.tgz

Trim newlines from the start and/or end of a string

Library home page: https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/trim-newlines/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • meow-3.7.0.tgz
        • trim-newlines-1.0.0.tgz (Vulnerable Library)
trim-newlines-2.0.0.tgz

Trim newlines from the start and/or end of a string

Library home page: https://registry.npmjs.org/trim-newlines/-/trim-newlines-2.0.0.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/stylelint/node_modules/trim-newlines/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • stylelint-8.4.0.tgz
        • meow-4.0.1.tgz
          • trim-newlines-2.0.0.tgz (Vulnerable Library)

Found in HEAD commit: bfaf82b0d7efa81c223d2bf7e5d08f661aa253e8

Found in base branch: main

Vulnerability Details

The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.

Publish Date: 2021-05-28

URL: CVE-2021-33623

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33623

Release Date: 2021-05-28

Fix Resolution: trim-newlines - 3.0.1, 4.0.1

Step up your Open Source Security Game with WhiteSource here

CVE-2020-7753 (High) detected in trim-0.0.1.tgz

CVE-2020-7753 - High Severity Vulnerability

Vulnerable Library - trim-0.0.1.tgz

Trim string whitespace

Library home page: https://registry.npmjs.org/trim/-/trim-0.0.1.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/trim/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • stylelint-8.4.0.tgz
        • postcss-html-0.12.0.tgz
          • remark-8.0.0.tgz
            • remark-parse-4.0.0.tgz
              • trim-0.0.1.tgz (Vulnerable Library)

Found in HEAD commit: bfaf82b0d7efa81c223d2bf7e5d08f661aa253e8

Found in base branch: main

Vulnerability Details

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

Publish Date: 2020-10-27

URL: CVE-2020-7753

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: component/trim#8

Release Date: 2020-10-27

Fix Resolution: trim - 0.0.3

Step up your Open Source Security Game with WhiteSource here

CVE-2020-28469 (High) detected in glob-parent-3.1.0.tgz, glob-parent-2.0.0.tgz

CVE-2020-28469 - High Severity Vulnerability

Vulnerable Libraries - glob-parent-3.1.0.tgz, glob-parent-2.0.0.tgz

glob-parent-3.1.0.tgz

Strips glob magic from a string to provide the parent directory path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/fast-glob/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-tslint-0.4.2.tgz
      • globby-8.0.2.tgz
        • fast-glob-2.2.7.tgz
          • glob-parent-3.1.0.tgz (Vulnerable Library)
glob-parent-2.0.0.tgz

Strips glob magic from a string to provide the parent path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/glob-base/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • stylelint-8.4.0.tgz
        • micromatch-2.3.11.tgz
          • parse-glob-3.0.4.tgz
            • glob-base-0.3.0.tgz
              • glob-parent-2.0.0.tgz (Vulnerable Library)

Found in HEAD commit: bfaf82b0d7efa81c223d2bf7e5d08f661aa253e8

Found in base branch: main

Vulnerability Details

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Publish Date: 2021-06-03

URL: CVE-2020-28469

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28469

Release Date: 2021-06-03

Fix Resolution: glob-parent - 5.1.2

Step up your Open Source Security Game with WhiteSource here

WS-2021-0154 (Medium) detected in glob-parent-2.0.0.tgz, glob-parent-3.1.0.tgz

WS-2021-0154 - Medium Severity Vulnerability

Vulnerable Libraries - glob-parent-2.0.0.tgz, glob-parent-3.1.0.tgz

glob-parent-2.0.0.tgz

Strips glob magic from a string to provide the parent path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/glob-base/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-stylelint-0.4.2.tgz
      • stylelint-8.4.0.tgz
        • micromatch-2.3.11.tgz
          • parse-glob-3.0.4.tgz
            • glob-base-0.3.0.tgz
              • glob-parent-2.0.0.tgz (Vulnerable Library)
glob-parent-3.1.0.tgz

Strips glob magic from a string to provide the parent directory path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz

Path to dependency file: dots/config/coc/extensions/package.json

Path to vulnerable library: dots/config/coc/extensions/node_modules/fast-glob/node_modules/glob-parent/package.json

Dependency Hierarchy:

  • coc-prettier-1.1.23.tgz (Root Library)
    • prettier-tslint-0.4.2.tgz
      • globby-8.0.2.tgz
        • fast-glob-2.2.7.tgz
          • glob-parent-3.1.0.tgz (Vulnerable Library)

Found in HEAD commit: bfaf82b0d7efa81c223d2bf7e5d08f661aa253e8

Found in base branch: main

Vulnerability Details

Regular Expression Denial of Service (ReDoS) vulnerability was found in glob-parent before 5.1.2.

Publish Date: 2021-01-27

URL: WS-2021-0154

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2

Release Date: 2021-01-27

Fix Resolution: glob-parent - 5.1.2

Step up your Open Source Security Game with WhiteSource here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.