Bump release-drafter/release-drafter from 7.4.0 to 7.5.1 #641

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/github_actions/release-drafter/release-drafter-7.5.1

@dependabot dependabot Bot commented on behalf of github Jun 25, 2026

Bumps release-drafter/release-drafter from 7.4.0 to 7.5.1.

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.5.1

What's Changed

Bug Fixes

  • fix: use PR changed files as the source of truth for path filtering (#1640) @cchanche

Full Changelog: release-drafter/release-drafter@v7.5.0...v7.5.1

v7.5.0

What's Changed

New

Bug Fixes

Dependency Updates

Full Changelog: release-drafter/release-drafter@v7.4.0...v7.5.0

Commits
  • 4d75298 chore: release v7.5.1
  • 87be2bf fix: use PR changed files as the source of truth for path filtering (#1640)
  • 73b95fa chore: release v7.5.0
  • 46fd415 Fix/align increments to semver lib from 0.0.0 (#1636)
  • ee02572 chore: upgrade various deps
  • cd91445 build(deps): bump undici from 6.24.1 to 6.27.0 (#1637)
  • 33c969b fix: require actual matches for category mode only (#1639)
  • 5d6d314 ci: support label 'dependencies' for dependabot
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 7.4.0 to 7.5.1.
- [Release notes](https://github.com/release-drafter/release-drafter/releases)
- [Commits](release-drafter/release-drafter@ed4bc48...4d75298)

---
updated-dependencies:
- dependency-name: release-drafter/release-drafter
  dependency-version: 7.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot Bot added the labels dependencies (Pull requests that update a dependency file), github_actions (Pull requests that update GitHub Actions code) and minor (Minor semver) on Jun 25, 2026

@github-actions

Deleted: /tmp/prior-commit ∴ /tmp/prior-commit/dist/chunks/common.js [🟡 MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM anti-static/obfuscation/js high entropy javascript (>5.37) that uses charAt/substr/join loops var createStandardJSONSchemaMethod = (
var import_fast_content_type_parse = (
var isContentTypeApplicationJson = (
var createToJSONSchemaMethod = (
var parseCommitishForRelease = (
var containsDocumentMarker = (
var intersectionProcessor = (
var nonoptionalProcessor = (
var getConfigFileFromFs = (
var sortMapEntriesByKey = (
var transformProcessor = (
var isContentTypeText = (
var normalizeFilepath = (
var nullableProcessor = (
var optionalProcessor = (
var prefaultProcessor = (
var readonlyProcessor = (
var _safeDecodeAsync = (
var _safeEncodeAsync = (
var booleanProcessor = (
var defaultProcessor = (
var stringifyComment = (
var _safeParseAsync = (
var customProcessor = (
var isNotAnchorChar = (
var numberProcessor = (
var objectProcessor = (
var stringProcessor = (
var arrayProcessor = (
var catchProcessor = (
var executeGraphql = (
var getFoldOptions = (
var getWindowsInfo = (
var neverProcessor = (
var unionProcessor = (
var __commonJSMin = (
var enumProcessor = (
var escapeTagName = (
var isScalarValue = (
var lowercaseKeys = (
var pipeProcessor = (
var prettifyError = (
var stringToRegex = (
var stringifyJSON = (
var _decodeAsync = (
var _encodeAsync = (
var getLinuxInfo = (
var getMacOsInfo = (
var __copyProps = (
var __exportAll = (
var _parseAsync = (
var _safeDecode = (
var _safeEncode = (
var initializer = (
var intIdentify = (
var isEmptyPath = (
var lineComment = (
var _safeParse = (
var getOctokit = (
var isDocument = (
var isMergeKey = (
var stringbool = (
var hasAnchor = (
var isScalar = (
var __toESM = (
var _decode = (
var _encode = (
var getPath = (
var hasPath = (
var isAlias = (
var isBlock = (
var setPath = (
var _parse = (
var isPair = (
var isMap = (
var isSeq = (
var noop = (
var uuid = (
-MEDIUM anti-static/obfuscation/math suspicious junk math operations with charAt var BUFFER_SIZE = 16386;
var TICK_MS = 499;
var kSize = 2048;
(U+0009)
(U+0020)
(i + 32)
charAt
-MEDIUM c2/addr/server references a 'server address', possible C2 client serverUrl
-MEDIUM c2/client contains a client ID client_id
-MEDIUM c2/tool_transfer/os references multiple operating systems https://
Windows
http://
windows
darwin
Linux
linux
-MEDIUM crypto/uuid generates a random UUID randomUUID
-MEDIUM data/base64/decode decode base64 strings js_base64_decode::atob(
-MEDIUM data/embedded/base64_terms Contains base64 CERTIFICATE contains_base64::DRVJUSUZJQ0FUR
contains_base64::NFUlRJRklDQVRF
-MEDIUM data/encoding/int performs math directly against parsed integers * parseInt(
-MEDIUM data/encoding/utf16 assembles strings from UTF-16 code units (String.fromCharCode(i + 32)
String.fromCharCode(buf[i])
String.fromCharCode.apply(n
(String.fromCharCode(i))
-MEDIUM discover/system/platform get system identification process.platform
process.versions
os.platform()
process.arch
os.arch()
-MEDIUM exec/cmd/pipe launches program and reads its output getExecOutput
-MEDIUM exec/shell/pipe_sh pipes to shell [
-MEDIUM exec/shell/power runs powershell scripts powershell -command
-MEDIUM fs/file/copy copy files using cp copyFile
-MEDIUM fs/permission/modify modifies file permissions chmod
-MEDIUM net/download download files downloadWorkflowRunLogs
downloadTarballArchive
downloadZipballArchive
downloadArchiveForOrg
downloadArtifact
downloads
-MEDIUM net/http/accept accepts binary files via HTTP application/octet-stream
Accept
-MEDIUM net/http/cookies access HTTP resources using cookies Cookie
HTTP
-MEDIUM net/http/form_upload upload content via HTTP form application/x-www-form-urlencoded
application/json
POST
post
-MEDIUM net/http/post submits form content to websites Content-Type should be a single value.
Content-Type was not one of
Content-Type header.
Content-Type:
HTTP
POST
http
-MEDIUM net/http/webhook supports webhooks updateWebhookConfigForRepo
updateWebhookConfigForApp
updateWebhookConfigForOrg
redeliverWebhookDelivery
getWebhookConfigForRepo
getWebhookConfigForApp
getWebhookConfigForOrg
listWebhookDeliveries
getWebhookDelivery
testPushWebhook
createWebhook
deleteWebhook
listWebhooks
pingWebhook
webhook
-MEDIUM net/http/websocket supports web sockets 258EAFA5-E914-47DA-95CA-C5AB0DC85B11
establishWebSocketConnection
closeWebSocketConnection
WebSocketSendData
kWebSocketURL:
WebSocketInit
-MEDIUM net/ip/addr mentions an 'IP address' IP address
-MEDIUM net/ip/host_port connects to an arbitrary hostname:port host && pending.port
host, protocol, port
host: hostname, port
hostname && A.port
hostname}${port
host}${port
host, port
-MEDIUM net/ip/icmp Uses the ping tool to generate ICMP packets ping received
-MEDIUM net/proxy/tunnel network tunnel proxy crypto
socket
tunnel
Proxy
proxy
-MEDIUM net/socket/listen listen on a socket accept
socket
-MEDIUM net/url/encode encodes URL, likely to pass GET variables urlencode
-MEDIUM sus/intercept References interception interceptors_formatter
interceptorOpts
-LOW anti-behavior/random_behavior uses a random number generator randomFillSync
randomBytes
randomUUID
randomInt
-LOW collect/code/github_api access GitHub API api.github.com
-LOW credential/password references a 'password' _decodedPassword
get password
-LOW crypto/public_key references a 'public key' public-key
PublicKey
-LOW data/compression/gzip works with gzip files gzip
-LOW data/compression/zlib uses zlib zlib
-LOW data/encoding/base64 Supports base64 encoded strings base64
-LOW data/encoding/json_decode Decodes JSON messages JSON.parse
-LOW data/encoding/json_encode encodes JSON JSON.stringify
-LOW data/encoding/yaml Decodes YAML content YAML.parse
-LOW discover/user/USER Looks up the USER name of the current user USER
ENV
-LOW exec/plugin references a 'plugin' const currentPlugins
additionalPlugins
Attach a plugin
static plugins
newPlugins
plugin1
plugin2
plugin3
-LOW fs/directory/create creates directories mkdir
-LOW fs/directory/remove Uses libc functions to remove directories rmdir
-LOW fs/file/append appends to a file appendFile
-LOW fs/file/delete deletes files deleteFile
unlink
-LOW fs/file/open opens files open(
-LOW fs/file/write writes to file writeFile
-LOW net/http Uses the HTTP protocol HTTP
http
-LOW net/http/2 Uses the HTTP/2 protocol HTTP/2
-LOW net/http/accept_encoding set HTTP response encoding format (example: gzip) Accept-Encoding
-LOW net/http/auth makes HTTP requests with Bearer authentication WWW-Authenticate
-LOW net/http/proxy use HTTP proxy that requires authentication Proxy-Authorization
-LOW net/http/request makes HTTP requests httpRequest
User-Agent
HTTP/1.
Referer
-LOW net/socket/send send a message to a socket socket
send
-LOW net/url/embedded contains embedded HTTPS URLs https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionComma
https://github.com/chromium/chromium/blob/694d20d134cb553d8d89e5500b91480
https://html.spec.whatwg.org/multipage/form-control-infrastructure.html
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis
https://html.spec.whatwg.org/multipage/server-sent-events.html
https://bugs.chromium.org/p/chromium/issues/detail?id=398407
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
https://w3c.github.io/webappsec-subresource-integrity/
https://andreubotella.github.io/multipart-form-data/
https://docs.github.com/rest/orgs/security-managers
https://html.spec.whatwg.org/multipage/origin.html
https://html.spec.whatwg.org/multipage/comms.html
https://w3c.github.io/webappsec-referrer-policy/
https://datatracker.ietf.org/doc/html/rfc2616
https://datatracker.ietf.org/doc/html/rfc6455
https://json-schema.org/draft/2020-12/schema
https://caniuse.com/js-regexp-lookbehind
https://github.com/octokit/octokit.js/
https://github.com/paralleldrive/cuid.
https://www.rfc-editor.org/rfc/rfc1738
https://www.rfc-editor.org/rfc/rfc6265
https://www.rfc-editor.org/rfc/rfc7231
https://www.rfc-editor.org/rfc/rfc7692
https://w3c.github.io/ServiceWorker/
https://jimmy.warting.se/opensource
https://tools.ietf.org/html/rfc7230
https://websockets.spec.whatwg.org/
https://yaml.org/spec/1.2/spec.html
https://mimesniff.spec.whatwg.org/
https://encoding.spec.whatwg.org/
https://streams.spec.whatwg.org/
https://webidl.spec.whatwg.org/
https://api.github.com/graphql
https://fetch.spec.whatwg.org/
https://infra.spec.whatwg.org/
https://w3c.github.io/FileAPI/
https://dom.spec.whatwg.org/
https://url.spec.whatwg.org/
https://xhr.spec.whatwg.org/
https://uploads.github.com
https://tc39.es/ecma262/
-LOW net/url/parse Handles URL strings new URL
-LOW os/env/get Retrieve environment variable values env.GITHUB_EVENT_NAM
env.GITHUB_EVENT_PAT
env.GITHUB_GRAPHQL_U
env.GITHUB_REPOSITOR
env.GITHUB_RUN_ATTEM
env.GITHUB_RUN_NUMBE
env.GITHUB_SERVER_UR
env.GITHUB_WORKSPACE
env.GITHUB_WORKFLOW
env.GITHUB_API_URL
env.JEST_WORKER_ID
env.GITHUB_ACTION
env.GITHUB_RUN_ID
env.GITHUB_ACTOR
env.GITHUB_TOKEN
env.UNDICI_NO_FG
env.HTTPS_PROXY
env.GITHUB_JOB
env.GITHUB_REF
env.GITHUB_SHA
env.HTTP_PROXY
env.NODE_DEBUG
env.NO_PROXY
env.NODE_V
env.PATH
-LOW os/fd/read reads from a file handle transform.read()
reader.read()
socket.read()
stream.read()
-LOW os/fd/write writes to a file handle stderrDecoder.write(data)
stdoutDecoder.write(data)
h2stream.write(buffer)
h2stream.write(chunk)
outStream.write(data)
decoder.write(chunk)
h2stream.write(body)
inflate.write(chunk)
socket.write(buffer)
inflate.write(tail)
socket.write(chunk)
writer.write(chunk)
socket.write(body)
res.write(chunk)

Deleted: /tmp/prior-commit ∴ /tmp/prior-commit/node_modules/baseline-browser-mapping/dist/cli.js [🟡 MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM anti-static/obfuscation/math complex math with parseInt or fromCharCode conversions parseInt
2023-04
04-05
-MEDIUM fs/path/relative references and possibly executes relative path ./index
-LOW data/encoding/int parses integers parseInt(
-LOW fs/path/usr_bin path reference within /usr/bin /usr/bin/env

Deleted: /tmp/prior-commit ∴ /tmp/prior-commit/src/actions/drafter/lib/find-pull-requests/find-commits-with-path-change.ts [🔵 LOW]

RISK KEY DESCRIPTION EVIDENCE
-LOW net/url/embedded contains embedded HTTPS URLs https://docs.github.com/en/graphql/reference/objects

Deleted: /tmp/prior-commit ∴ /tmp/prior-commit/src/tests/drafter/find-commits-with-path-change.test.ts [🔵 LOW]

RISK KEY DESCRIPTION EVIDENCE
-LOW os/env/get Retrieve environment variable values env.GITHUB_TOKEN

Added: /tmp/current-commit ∴ /tmp/current-commit/dist/chunks/ignore.js [🟡 MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM anti-static/obfuscation/js high entropy javascript (>5.37) that uses charAt/substr/join loops var createStandardJSONSchemaMethod = (
var import_fast_content_type_parse = (
var isContentTypeApplicationJson = (
var createToJSONSchemaMethod = (
var parseCommitishForRelease = (
var containsDocumentMarker = (
var intersectionProcessor = (
var nonoptionalProcessor = (
var cleanRangeBackSlash = (
var getConfigFileFromFs = (
var sortMapEntriesByKey = (
var transformProcessor = (
var isContentTypeText = (
var normalizeFilepath = (
var nullableProcessor = (
var optionalProcessor = (
var prefaultProcessor = (
var readonlyProcessor = (
var _safeDecodeAsync = (
var _safeEncodeAsync = (
var booleanProcessor = (
var defaultProcessor = (
var stringifyComment = (
var _safeParseAsync = (
var customProcessor = (
var isNotAnchorChar = (
var makeRegexPrefix = (
var numberProcessor = (
var objectProcessor = (
var stringProcessor = (
var arrayProcessor = (
var catchProcessor = (
var executeGraphql = (
var getFoldOptions = (
var getWindowsInfo = (
var neverProcessor = (
var unionProcessor = (
var __commonJSMin = (
var enumProcessor = (
var escapeTagName = (
var isNotRelative = (
var isScalarValue = (
var lowercaseKeys = (
var pipeProcessor = (
var prettifyError = (
var sanitizeRange = (
var stringToRegex = (
var stringifyJSON = (
var RETURN_FALSE = (
var _decodeAsync = (
var _encodeAsync = (
var checkPattern = (
var getLinuxInfo = (
var getMacOsInfo = (
var setupWindows = (
var splitPattern = (
var __copyProps = (
var __exportAll = (
var _parseAsync = (
var _safeDecode = (
var _safeEncode = (
var initializer = (
var intIdentify = (
var isEmptyPath = (
var isPathValid = (
var lineComment = (
var _safeParse = (
var createRule = (
var getOctokit = (
var isDocument = (
var isMergeKey = (
var stringbool = (
var throwError = (
var checkPath = (
var hasAnchor = (
var isScalar = (
var isString = (
var __toESM = (
var _decode = (
var _encode = (
var factory = (
var getPath = (
var hasPath = (
var isAlias = (
var isBlock = (
var setPath = (
var _parse = (
var define = (
var isPair = (
var isMap = (
var isSeq = (
var noop = (
var uuid = (
+MEDIUM anti-static/obfuscation/math suspicious junk math operations with charAt var BUFFER_SIZE = 16386;
var TICK_MS = 499;
var kSize = 2048;
(U+0009)
(U+0020)
(i + 32)
charAt
+MEDIUM c2/addr/server references a 'server address', possible C2 client serverUrl
+MEDIUM c2/client contains a client ID client_id
+MEDIUM c2/tool_transfer/os references multiple operating systems https://
Windows
http://
windows
darwin
Linux
linux
+MEDIUM crypto/uuid generates a random UUID randomUUID
+MEDIUM data/base64/decode decode base64 strings js_base64_decode::atob(
+MEDIUM data/embedded/base64_terms Contains base64 CERTIFICATE contains_base64::DRVJUSUZJQ0FUR
contains_base64::NFUlRJRklDQVRF
+MEDIUM data/encoding/int performs math directly against parsed integers * parseInt(
+MEDIUM data/encoding/utf16 assembles strings from UTF-16 code units (String.fromCharCode(i + 32)
String.fromCharCode(buf[i])
String.fromCharCode.apply(n
(String.fromCharCode(i))
+MEDIUM discover/system/platform get system identification process.platform
process.versions
os.platform()
process.arch
os.arch()
+MEDIUM exec/cmd/pipe launches program and reads its output getExecOutput
+MEDIUM exec/shell/pipe_sh pipes to shell [
+MEDIUM exec/shell/power runs powershell scripts powershell -command
+MEDIUM fs/file/copy copy files using cp copyFile
+MEDIUM fs/permission/modify modifies file permissions chmod
+MEDIUM net/download download files downloadWorkflowRunLogs
downloadTarballArchive
downloadZipballArchive
downloadArchiveForOrg
downloadArtifact
downloads
+MEDIUM net/http/accept accepts binary files via HTTP application/octet-stream
Accept
+MEDIUM net/http/cookies access HTTP resources using cookies Cookie
HTTP
+MEDIUM net/http/form_upload upload content via HTTP form application/x-www-form-urlencoded
application/json
POST
post
+MEDIUM net/http/post submits form content to websites Content-Type should be a single value.
Content-Type was not one of
Content-Type header.
Content-Type:
HTTP
POST
http
+MEDIUM net/http/webhook supports webhooks updateWebhookConfigForRepo
updateWebhookConfigForApp
updateWebhookConfigForOrg
redeliverWebhookDelivery
getWebhookConfigForRepo
getWebhookConfigForApp
getWebhookConfigForOrg
listWebhookDeliveries
getWebhookDelivery
testPushWebhook
createWebhook
deleteWebhook
listWebhooks
pingWebhook
webhook
+MEDIUM net/http/websocket supports web sockets 258EAFA5-E914-47DA-95CA-C5AB0DC85B11
establishWebSocketConnection
closeWebSocketConnection
WebSocketSendData
kWebSocketOptions
webSocketOptions
kWebSocketURL:
WebSocketInit
+MEDIUM net/ip/addr mentions an 'IP address' IP address
+MEDIUM net/ip/host_port connects to an arbitrary hostname:port host && pending.port
host, protocol, port
host: hostname, port
hostname && A.port
hostname}${port
host}${port
host, port
+MEDIUM net/ip/icmp Uses the ping tool to generate ICMP packets ping received
+MEDIUM net/proxy/tunnel network tunnel proxy crypto
socket
tunnel
Proxy
proxy
+MEDIUM net/socket/listen listen on a socket accept
socket
+MEDIUM net/url/encode encodes URL, likely to pass GET variables urlencode
+MEDIUM sus/intercept References interception interceptors_formatter
interceptorOpts
+LOW anti-behavior/random_behavior uses a random number generator randomFillSync
randomBytes
randomUUID
randomInt
+LOW collect/code/github_api access GitHub API api.github.com
+LOW credential/password references a 'password' _decodedPassword
get password
+LOW crypto/public_key references a 'public key' public-key
PublicKey
+LOW data/compression/gzip works with gzip files gzip
+LOW data/compression/zlib uses zlib zlib
+LOW data/encoding/base64 Supports base64 encoded strings base64
+LOW data/encoding/json_decode Decodes JSON messages JSON.parse
+LOW data/encoding/json_encode encodes JSON JSON.stringify
+LOW data/encoding/yaml Decodes YAML content YAML.parse
+LOW discover/user/USER Looks up the USER name of the current user USER
ENV
+LOW exec/plugin references a 'plugin' const currentPlugins
additionalPlugins
Attach a plugin
static plugins
newPlugins
plugin1
plugin2
plugin3
+LOW fs/directory/create creates directories mkdir
+LOW fs/directory/remove Uses libc functions to remove directories rmdir
+LOW fs/file/append appends to a file appendFile
+LOW fs/file/delete deletes files deleteFile
unlink
+LOW fs/file/open opens files open(
+LOW fs/file/write writes to file writeFile
+LOW net/http Uses the HTTP protocol HTTP
http
+LOW net/http/2 Uses the HTTP/2 protocol HTTP/2
+LOW net/http/accept_encoding set HTTP response encoding format (example: gzip) Accept-Encoding
+LOW net/http/auth makes HTTP requests with Bearer authentication WWW-Authenticate
+LOW net/http/proxy use HTTP proxy that requires authentication Proxy-Authorization
+LOW net/http/request makes HTTP requests httpRequest
User-Agent
HTTP/1.
Referer
+LOW net/socket/send send a message to a socket socket
send
+LOW net/url/embedded contains embedded HTTPS URLs https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionComma
https://github.com/chromium/chromium/blob/694d20d134cb553d8d89e5500b91480
https://html.spec.whatwg.org/multipage/form-control-infrastructure.html
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis
https://html.spec.whatwg.org/multipage/server-sent-events.html
https://bugs.chromium.org/p/chromium/issues/detail?id=398407
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
https://w3c.github.io/webappsec-subresource-integrity/
https://andreubotella.github.io/multipart-form-data/
https://docs.github.com/rest/orgs/security-managers
https://html.spec.whatwg.org/multipage/origin.html
https://html.spec.whatwg.org/multipage/comms.html
https://w3c.github.io/webappsec-referrer-policy/
https://datatracker.ietf.org/doc/html/rfc2616
https://datatracker.ietf.org/doc/html/rfc6455
https://json-schema.org/draft/2020-12/schema
https://caniuse.com/js-regexp-lookbehind
https://github.com/octokit/octokit.js/
https://github.com/paralleldrive/cuid.
https://www.rfc-editor.org/rfc/rfc1738
https://www.rfc-editor.org/rfc/rfc6265
https://www.rfc-editor.org/rfc/rfc7231
https://www.rfc-editor.org/rfc/rfc7692
https://w3c.github.io/ServiceWorker/
https://jimmy.warting.se/opensource
https://tools.ietf.org/html/rfc7230
https://websockets.spec.whatwg.org/
https://yaml.org/spec/1.2/spec.html
https://mimesniff.spec.whatwg.org/
https://encoding.spec.whatwg.org/
https://streams.spec.whatwg.org/
https://webidl.spec.whatwg.org/
https://api.github.com/graphql
https://fetch.spec.whatwg.org/
https://infra.spec.whatwg.org/
https://w3c.github.io/FileAPI/
https://dom.spec.whatwg.org/
https://url.spec.whatwg.org/
https://xhr.spec.whatwg.org/
https://uploads.github.com
https://tc39.es/ecma262/
+LOW net/url/parse Handles URL strings new URL
+LOW os/env/get Retrieve environment variable values env.GITHUB_EVENT_NAM
env.GITHUB_EVENT_PAT
env.GITHUB_GRAPHQL_U
env.GITHUB_REPOSITOR
env.GITHUB_RUN_ATTEM
env.GITHUB_RUN_NUMBE
env.GITHUB_SERVER_UR
env.GITHUB_WORKSPACE
env.GITHUB_WORKFLOW
env.GITHUB_API_URL
env.JEST_WORKER_ID
env.GITHUB_ACTION
env.GITHUB_RUN_ID
env.GITHUB_ACTOR
env.GITHUB_TOKEN
env.UNDICI_NO_FG
env.HTTPS_PROXY
env.GITHUB_JOB
env.GITHUB_REF
env.GITHUB_SHA
env.HTTP_PROXY
env.NODE_DEBUG
env.NO_PROXY
env.NODE_V
env.PATH
+LOW os/fd/read reads from a file handle transform.read()
reader.read()
socket.read()
stream.read()
+LOW os/fd/write writes to a file handle stderrDecoder.write(data)
stdoutDecoder.write(data)
h2stream.write(buffer)
h2stream.write(chunk)
outStream.write(data)
decoder.write(chunk)
h2stream.write(body)
inflate.write(chunk)
socket.write(buffer)
inflate.write(tail)
socket.write(chunk)
writer.write(chunk)
socket.write(body)
res.write(chunk)

Added: /tmp/current-commit ∴ /tmp/current-commit/node_modules/@babel/core/lib/transformation/read-input-source-map-file.js.map [🔵 LOW]

RISK KEY DESCRIPTION EVIDENCE
+LOW fs/file/read reads files fs.readFile
+LOW net/url/embedded contains embedded HTTPS URLs https://github.com/sindresorhus/find-up-simple/blob/f10133c55dcbf36f84a24

Added: /tmp/current-commit ∴ /tmp/current-commit/node_modules/@babel/core/src/transformation/read-input-source-map-file.ts [🔵 LOW]

RISK KEY DESCRIPTION EVIDENCE
+LOW fs/file/read reads files fs.readFile
+LOW fs/file/stat access filesystem metadata fs.statSync(filePath)
+LOW net/url/embedded contains embedded HTTPS URLs https://github.com/sindresorhus/find-up-simple/blob/f10133c55dcbf36f84a24

Added: /tmp/current-commit ∴ /tmp/current-commit/node_modules/@babel/generator/lib/nodes.js [🟡 MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM fs/path/relative references and possibly executes relative path ./generators

Added: /tmp/current-commit ∴ /tmp/current-commit/node_modules/@babel/generator/lib/nodes.js.map [🔵 LOW]

RISK KEY DESCRIPTION EVIDENCE
+LOW os/env/get Retrieve environment variable values env.BABEL_

Added: /tmp/current-commit ∴ /tmp/current-commit/node_modules/baseline-browser-mapping/dist/cli.cjs [🟡 MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM fs/path/relative references and possibly executes relative path ./index
+LOW data/encoding/int parses integers parseInt(
+LOW fs/path/usr_bin path reference within /usr/bin /usr/bin/env

Added: /tmp/current-commit ∴ /tmp/current-commit/src/common/get-pull-request-changed-files.ts [🟡 MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM fs/path/relative references and possibly executes relative path ./get-octokit
+LOW net/http Uses the HTTP protocol HTTP
