Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Port 0.63.7 #4814

Closed
wants to merge 292 commits into from

Merge remote-tracking branch 'upstream/master' into feature/port_0.63.7

d5c1bd1
Select commit
Loading
Failed to load commit list.
Closed

Port 0.63.7 #4814

Merge remote-tracking branch 'upstream/master' into feature/port_0.63.7
d5c1bd1
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Jul 13, 2024 in 5s

5 new alerts including 4 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 4 high
  • 1 medium

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 1540 in src/becca/entities/bnote.ts

See this annotation in the file changed.

Code scanning / CodeQL

Prototype-polluting assignment Medium

This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
user controlled input
Loading
.
This assignment may alter Object.prototype if a malicious '__proto__' string is injected from
user controlled input
Loading
.

Check failure on line 87 in src/services/sql.ts

See this annotation in the file changed.

Code scanning / CodeQL

Database query built from user-controlled sources High

This query string depends on a
user-provided value
Loading
.
This query string depends on a
user-provided value
Loading
.

Check failure on line 515 in src/services/notes.ts

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<img' and with many repetitions of '<img'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
m

Check failure on line 530 in src/services/notes.ts

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/attachments/'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with 'api/attachments/' and with many repetitions of 'api/at

Check failure on line 616 in src/services/notes.ts

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!"' and with many repetitions of '\thref="data:!;base64,!"'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a\thref="data:!;base64,!">' and with many repetitions of '<a\thref="data:!;base64,!">a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<a' and with many repetitions of '<a'.
This
regular expression
Loading
that depends on
a user-provided value
Loading
may run slow on strings starting with '<