Merge #20

Merged
Sirherobrine23 merged 26 commits from main into stable 2021-01-31 02:44:49 +00:00

Many of the JavaScript files were reformulated; the next commits in the main branch will be for corrections to the Docker image.

ghost commented 2021-01-31 02:41:50 +00:00 (Migrated from github.com)

DeepCode's analysis on #624d1d found:

  • ❌ 1 critical issue, ⚠️ 5 warnings, ℹ️ 2 minor issues. 👇
  • ✔️ 2 issues were fixed.

Top issues

| Description | Example fixes |
| --- | --- |
| Unsanitized input from an HTTP parameter flows into send, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS). Occurrences: [gdrive_save.js:11](https://github.com/Bds-Maneger/bds_maneger_api/blob/624d1dfba07b1386106b0317a83e8d91fa87f695/API/gdrive_save.js#L11) | [🔧 Example fixes](https://www.deepcode.ai/app/gh/Bds-Maneger/bds_maneger_api/1c60064d81dd05086570e46e1f0f2eb123e89ddd/Bds-Maneger/bds_maneger_api/624d1dfba07b1386106b0317a83e8d91fa87f695/pr/_/%2FAPI%2Fgdrive_save.js/javascript%2Fdc_interfile_project%2FXSS/code/?utm_source=gh_review&) |
| Disable X-Powered-By header for your Express app (consider using Helmet middleware), because it exposes information about the used framework to potential attackers. Occurrences: [gdrive_save.js:4](https://github.com/Bds-Maneger/bds_maneger_api/blob/624d1dfba07b1386106b0317a83e8d91fa87f695/API/gdrive_save.js#L4) | [🔧 Example fixes](https://www.deepcode.ai/app/gh/Bds-Maneger/bds_maneger_api/1c60064d81dd05086570e46e1f0f2eb123e89ddd/Bds-Maneger/bds_maneger_api/624d1dfba07b1386106b0317a83e8d91fa87f695/pr/_/%2FAPI%2Fgdrive_save.js/javascript%2Fdc_interfile_project%2FDisablePoweredBy/code/?utm_source=gh_review&) |
| Comparing a number (from number literal 0) and a string (from string literal "-0") might behave differently than expected, as implicit conversion is performed. Consider making the conversion explicit if you intend it. Occurrences: [backups.js:70](https://github.com/Bds-Maneger/bds_maneger_api/blob/624d1dfba07b1386106b0317a83e8d91fa87f695/new_script/backups.js#L70) | [🔧 Example fixes](https://www.deepcode.ai/app/gh/Bds-Maneger/bds_maneger_api/1c60064d81dd05086570e46e1f0f2eb123e89ddd/Bds-Maneger/bds_maneger_api/624d1dfba07b1386106b0317a83e8d91fa87f695/pr/_/%2Fnew_script%2Fbackups.js/javascript%2Fdc_interfile_project%2FIncompatibleTypesInComparison/code/?utm_source=gh_review&) |

👉 View analysis in [DeepCode’s Dashboard](https://www.deepcode.ai/app/gh/Bds-Maneger/bds_maneger_api/1c60064d81dd05086570e46e1f0f2eb123e89ddd/Bds-Maneger/bds_maneger_api/624d1dfba07b1386106b0317a83e8d91fa87f695/pr/_/%2F/code/?utm_source=gh_review&c=1&w=5&i=2&) | [Configure the bot](https://www.deepcode.ai/app/gh/?ownerconfig=Bds-Maneger)

lgtm-com[bot] commented 2021-01-31 02:45:11 +00:00 (Migrated from github.com)

This pull request introduces 8 alerts and fixes 21 when merging 624d1dfba0 into 1c60064d81 - view on LGTM.com

new alerts:

  • 4 for Unused variable, import, function or class
  • 2 for Deleting non-property
  • 1 for Expression has no effect
  • 1 for Reflected cross-site scripting

fixed alerts:

  • 19 for Unused variable, import, function or class
  • 2 for Deleting non-property
Reference: go-bds/Maneger#20