Skip to content

fix: Resolve security vulnerabilities #31

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
anurag-stepsecurity wants to merge 1 commit into
base: main
Choose a base branch
from
+741 −1,901

fix: Resolve security vulnerabilities

56c16ef
Select commit
Loading
Failed to load commit list.
Open

fix: Resolve security vulnerabilities #31

fix: Resolve security vulnerabilities
56c16ef
Select commit
Loading
Failed to load commit list.
StepSecurity Actions Security / StepSecurity Required Checks failed Apr 22, 2026 in 0s

StepSecurity Required Checks

Finished StepSecurity Required Checks

  • NPM Compromised Packages Check - Checks for compromised npm package versions in the PR
  • NPM Package Cooldown Check - Fails if any package version in the PR was released within the configured cooldown period, helping to avoid brand-new (and potentially unreviewed or malicious) releases
  • PyPI Compromised Packages Check - Checks for compromised PyPI package versions in the PR
  • PyPI Package Cooldown Check - Fails if any PyPI package version in the PR was released within the configured cooldown period
  • Pwn Request Vulnerabilities Check - Checks for Pwn Request vulnerabilities in the PR via risky triggers
  • Script Injection Check - Checks for script injection vulnerabilities in the PR

Details

🔐 Approve Check Run

One or more security checks failed. To approve this check run, click here.

❌ NPM Package Cooldown Check

The following npm packages added in current PR are recent versions(not older than 2 days). This check will pass at 2026-04-23T17:24:19Z

Package Name Previous Version Current Version file Current Version Release Date
@typescript-eslint/project-service 8.59.0 package-lock.json 2026-04-20T17:23:35Z
@typescript-eslint/types 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:29Z
@typescript-eslint/tsconfig-utils 8.59.0 package-lock.json 2026-04-20T17:23:28Z
@typescript-eslint/scope-manager 6.21.0 8.59.0 package-lock.json 2026-04-20T17:23:51Z
@typescript-eslint/typescript-estree 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:43Z
@typescript-eslint/visitor-keys 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:36Z
@typescript-eslint/eslint-plugin 6.21.0 8.59.0 package-lock.json 2026-04-20T17:24:19Z
@typescript-eslint/parser 6.21.0 8.59.0 package-lock.json 2026-04-20T17:23:58Z
@typescript-eslint/type-utils 6.21.0 8.59.0 package-lock.json 2026-04-20T17:24:06Z
@typescript-eslint/utils 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:58Z
@typescript-eslint/eslint-plugin 6.7.2 8.59.0 package.json 2026-04-20T17:24:19Z
@typescript-eslint/parser 6.7.2 8.59.0 package.json 2026-04-20T17:23:58Z
✅ Script Injection Vulnerabilities Check

No Script Injection vulnerabilities found in this PR.

✅ Pwn Request Vulnerabilities Check

No Pwn Request vulnerabilities found in this PR.

✅ PyPI Package Cooldown Check

No PyPI package upgrades to recent releases found in current PR.

✅ PyPI Compromised Packages Check

No compromised PyPI package versions found in current PR.

✅ NPM Compromised Packages Check

No Compromised npm packages are added in current PR.

⏲️ History

Previous invocation results of same check:

🔐 Approve Check Run

One or more security checks failed. To approve this check run, click here.

❌ NPM Package Cooldown Check

The following npm packages added in current PR are recent versions(not older than 2 days). This check will pass at 2026-04-23T17:24:19Z

Package Name Previous Version Current Version file Current Version Release Date
@typescript-eslint/eslint-plugin 6.21.0 8.59.0 package-lock.json 2026-04-20T17:24:19Z
@typescript-eslint/utils 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:58Z
@typescript-eslint/project-service 8.59.0 package-lock.json 2026-04-20T17:23:35Z
@typescript-eslint/visitor-keys 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:36Z
@typescript-eslint/type-utils 6.21.0 8.59.0 package-lock.json 2026-04-20T17:24:06Z
@typescript-eslint/types 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:29Z
@typescript-eslint/tsconfig-utils 8.59.0 package-lock.json 2026-04-20T17:23:28Z
@typescript-eslint/typescript-estree 5.62.0 8.59.0 package-lock.json 2026-04-20T17:23:43Z
@typescript-eslint/parser 6.21.0 8.59.0 package-lock.json 2026-04-20T17:23:58Z
@typescript-eslint/scope-manager 6.21.0 8.59.0 package-lock.json 2026-04-20T17:23:51Z
@typescript-eslint/eslint-plugin 6.7.2 8.59.0 package.json 2026-04-20T17:24:19Z
@typescript-eslint/parser 6.7.2 8.59.0 package.json 2026-04-20T17:23:58Z
✅ Script Injection Vulnerabilities Check

No Script Injection vulnerabilities found in this PR.

✅ Pwn Request Vulnerabilities Check

No Pwn Request vulnerabilities found in this PR.

✅ PyPI Compromised Packages Check

No compromised PyPI package versions found in current PR.

✅ PyPI Package Cooldown Check

No PyPI package upgrades to recent releases found in current PR.

✅ NPM Compromised Packages Check

No Compromised npm packages are added in current PR.

View more details on StepSecurity Actions Security