Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[skip netlify] owaspzap #1184

Merged
merged 31 commits into from
Dec 31, 2022
Merged

[skip netlify] owaspzap #1184

merged 31 commits into from
Dec 31, 2022

Conversation

tubone24
Copy link
Owner

No description provided.

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@coveralls
Copy link
Collaborator

coveralls commented Dec 30, 2022

Pull Request Test Coverage Report for Build 3811858128

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 82.831%

Totals Coverage Status
Change from base Build 3804477950: 0.0%
Covered Lines: 212
Relevant Lines: 245

💛 - Coveralls

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [8.4MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 561--
--Retained size of leaked objects: 106.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9827 [73.4KB]
  --___push (property)--->  [<closure>] (closure) @82507 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @159267 [572 bytes]
  --n (variable)--->  [u] (closure) @204803 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @110743 [31.9KB]
  --i (variable)--->  [Object] (object) @207489 [31.3KB]
  --449 (element)--->  [Object] (object) @264197 [24 bytes]
  --exports (property)--->  [r] (closure) @263083 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @139139 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @110173 [1.3KB]
  --e (variable)--->  [Object] (object) @110153 [1KB]
  --1 (element)--->  [Object] (object) @110155 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @300847 [348 bytes]
  --$node (property)--->  [U] (object) @302839 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38369 [376 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39837 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39813 [196 bytes]
  --5 (element)--->  [Detached HTMLElement] (native) @39807 [196 bytes]
  --6 (element)--->  [Detached HTMLElement] (native) @39809 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @38929 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @38927 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38773 [196 bytes]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @38775 [1.3KB]
  --11 (element)--->  [Detached InternalNode] (native) @92962048 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @274415712 [64 bytes]

--Similar leaks in this run: 122--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9827 [73.4KB]
  --___push (property)--->  [<closure>] (closure) @82507 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @159267 [572 bytes]
  --A (variable)--->  [qn] (closure) @204313 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @114241 [16.3KB]
  --Kn (variable)--->  [y] (object) @431079 [368 bytes]
  --props (property)--->  [Object] (object) @471371 [28 bytes]
  --children (property)--->  [Object] (object) @486693 [316 bytes]
  --props (property)--->  [Object] (object) @486695 [56 bytes]
  --children (property)--->  [Object] (object) @453179 [1.2KB]
  --__ (property)--->  [Object] (object) @453195 [1.1KB]
  --__ (property)--->  [Object] (object) @453213 [940 bytes]
  --__ (property)--->  [Object] (object) @453227 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @332521 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @332519 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @332515 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @332875 [8.5KB]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @332873 [1.3KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @332867 [1.3KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @332861 [1.3KB]
  --12 (element)--->  [Detached InternalNode] (native) @311048416 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @311048256 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @93005344 [56 bytes]

--Similar leaks in this run: 12--
--Retained size of leaked objects: 1.1KB--
[<synthetic>] (synthetic) @1 [9MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9827 [73.4KB]
  --__twttrll (property)--->  [Array] (object) @82383 [184 bytes]
  --push (property)--->  [e] (closure) @278131 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @145253 [248 bytes]
  --n (variable)--->  [Object] (object) @278123 [13KB]
  --102 (element)--->  [Object] (object) @282409 [24 bytes]
  --exports (property)--->  [Object] (object) @282709 [3.4KB]
  --init (property)--->  [init] (closure) @283019 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @283115 [3KB]
  --r (variable)--->  [Detached HTMLFormElement] (native) @39593 [1.8KB]
  --4 (element)--->  [Detached HTMLInputElement] (native) @42077792 [656 bytes]
  --6 (element)--->  [Detached InternalNode] (native) @31180288 [328 bytes]
  --1 (element)--->  [Detached ShadowRoot] (native) @31162688 [328 bytes]
  --4 (element)--->  [Detached V8ObservableArrayCSSStyleSheet] (native) @310925024 [120 bytes]

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [6.5MB] (baseline) [s1] > action-on-page [8MB] (target) [s2] > revert [8MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 672--
--Retained size of leaked objects: 110.9KB--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --___navigate (property)--->  [<closure>] (closure) @216605 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @174581 [572 bytes]
  --n (variable)--->  [u] (closure) @170683 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @98897 [31.8KB]
  --i (variable)--->  [Object] (object) @178361 [31.2KB]
  --449 (element)--->  [Object] (object) @178789 [24 bytes]
  --exports (property)--->  [r] (closure) @111619 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @111901 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @190703 [1.3KB]
  --e (variable)--->  [Object] (object) @190705 [1KB]
  --1 (element)--->  [Object] (object) @89133 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @88105 [348 bytes]
  --$node (property)--->  [U] (object) @87673 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @37731 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @38871 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @38847 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @38883 [196 bytes]
  --4 (element)--->  [Detached HTMLAnchorElement] (native) @38487 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38485 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38483 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38481 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38479 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38477 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38475 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38473 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38471 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @38469 [1.7KB]
  --12 (element)--->  [Detached InternalNode] (native) @304797248 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @269407808 [64 bytes]

--Similar leaks in this run: 167--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --___navigate (property)--->  [<closure>] (closure) @216605 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @174581 [572 bytes]
  --A (variable)--->  [qn] (closure) @112759 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @101357 [16.3KB]
  --Kn (variable)--->  [y] (object) @412253 [368 bytes]
  --props (property)--->  [Object] (object) @452421 [28 bytes]
  --children (property)--->  [Object] (object) @452411 [316 bytes]
  --props (property)--->  [Object] (object) @452413 [56 bytes]
  --children (property)--->  [Object] (object) @439475 [1.2KB]
  --__ (property)--->  [Object] (object) @463215 [1.1KB]
  --__ (property)--->  [Object] (object) @463219 [940 bytes]
  --__ (property)--->  [Object] (object) @439103 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @312115 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @312113 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @312109 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @312657 [8.5KB]
  --6 (element)--->  [Detached HTMLElement] (native) @312675 [15KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @312673 [13.4KB]
  --4 (element)--->  [Detached Text] (native) @95687200 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @95687040 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @95686880 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @95686720 [1.2KB]
  --4 (element)--->  [Detached Text] (native) @95684480 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @95690080 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @95689920 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @95689760 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @95689440 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @95689120 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @95688800 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @95688480 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @95688320 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @95688160 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @95687840 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @95692640 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @95692320 [96 bytes]
  --2 (element)--->  [Detached HTMLDivElement] (native) @95692160 [2.4KB]
  --1 (element)--->  [Detached Text] (native) @95693920 [96 bytes]
  --2 (element)--->  [Detached HTMLElement] (native) @95694240 [432 bytes]
  --6 (element)--->  [Detached InternalNode] (native) @95693760 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @269020832 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @303822368 [56 bytes]

--Similar leaks in this run: 6--
--Retained size of leaked objects: 624 bytes--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --__twttrll (property)--->  [Array] (object) @51517 [184 bytes]
  --push (property)--->  [e] (closure) @51509 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @51751 [248 bytes]
  --n (variable)--->  [Object] (object) @179523 [13KB]
  --162 (element)--->  [Object] (object) @181831 [1KB]
  --exports (property)--->  [<closure>] (closure) @48655 [984 bytes]
  --context (internal)--->  [<function scope>] (object) @48661 [916 bytes]
  --d (variable)--->  [Detached HTMLAnchorElement] (native) @39623 [228 bytes]
  --3 (element)--->  [Detached DOMTokenList] (native) @304178816 [56 bytes]

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [6.6MB] (baseline) [s1] > action-on-page [8MB] (target) [s2] > revert [8MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 743--
--Retained size of leaked objects: 115.7KB--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --___push (property)--->  [<closure>] (closure) @55507 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @98607 [572 bytes]
  --n (variable)--->  [u] (closure) @161167 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @98669 [32.1KB]
  --i (variable)--->  [Object] (object) @271359 [31.5KB]
  --449 (element)--->  [Object] (object) @156983 [24 bytes]
  --exports (property)--->  [r] (closure) @156989 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @166905 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @161139 [1.3KB]
  --e (variable)--->  [Object] (object) @161141 [1KB]
  --2 (element)--->  [Object] (object) @341829 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @370449 [348 bytes]
  --$input (property)--->  [U] (object) @372605 [96 bytes]
  --0 (element)--->  [Detached HTMLInputElement] (native) @312679 [2.4KB]
  --11 (element)--->  [Detached InternalNode] (native) @20669120 [520 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @20667840 [384 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @269772736 [384 bytes]
  --2 (element)--->  [Detached Attr] (native) @269861760 [96 bytes]

--Similar leaks in this run: 138--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --___push (property)--->  [<closure>] (closure) @55507 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @98607 [572 bytes]
  --A (variable)--->  [qn] (closure) @179461 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @106985 [16.3KB]
  --Kn (variable)--->  [y] (object) @411165 [368 bytes]
  --props (property)--->  [Object] (object) @427655 [28 bytes]
  --children (property)--->  [Object] (object) @467781 [316 bytes]
  --props (property)--->  [Object] (object) @467783 [56 bytes]
  --children (property)--->  [Object] (object) @411391 [1.2KB]
  --__ (property)--->  [Object] (object) @468937 [1.1KB]
  --__ (property)--->  [Object] (object) @468941 [940 bytes]
  --__ (property)--->  [Object] (object) @411015 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @313045 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @313043 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @313041 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @312861 [8.5KB]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @312859 [1.3KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @313359 [1.3KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @313353 [1.3KB]
  --6 (element)--->  [Detached DOMTokenList] (native) @89942912 [56 bytes]

--Similar leaks in this run: 9--
--Retained size of leaked objects: 776 bytes--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --__twttrll (property)--->  [Array] (object) @55601 [184 bytes]
  --push (property)--->  [e] (closure) @285257 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @119709 [248 bytes]
  --n (variable)--->  [Object] (object) @275231 [13KB]
  --102 (element)--->  [Object] (object) @276437 [24 bytes]
  --exports (property)--->  [Object] (object) @275901 [3.5KB]
  --init (property)--->  [init] (closure) @276863 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @277373 [3.1KB]
  --r (variable)--->  [Detached HTMLFormElement] (native) @37471 [1.8KB]
  --5 (element)--->  [Detached HTMLInputElement] (native) @37463 [684 bytes]
  --8 (element)--->  [Detached InternalNode] (native) @302197376 [328 bytes]
  --1 (element)--->  [Detached ShadowRoot] (native) @89871776 [328 bytes]

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7.1MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [8.4MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 594--
--Retained size of leaked objects: 109.1KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___push (property)--->  [<closure>] (closure) @94407 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @94413 [572 bytes]
  --n (variable)--->  [u] (closure) @238667 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @94485 [31.9KB]
  --i (variable)--->  [Object] (object) @250385 [31.3KB]
  --449 (element)--->  [Object] (object) @250435 [24 bytes]
  --exports (property)--->  [r] (closure) @312209 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @159559 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @159555 [1.3KB]
  --e (variable)--->  [Object] (object) @312693 [1KB]
  --1 (element)--->  [Object] (object) @184141 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @241399 [348 bytes]
  --$node (property)--->  [U] (object) @241479 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38173 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39569 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39545 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @39581 [196 bytes]
  --4 (element)--->  [Detached HTMLAnchorElement] (native) @39155 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39153 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39151 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39149 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39147 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39145 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39143 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39141 [1.7KB]
  --12 (element)--->  [Detached InternalNode] (native) @280730976 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @312256352 [64 bytes]

--Similar leaks in this run: 116--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___push (property)--->  [<closure>] (closure) @94407 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @94413 [572 bytes]
  --A (variable)--->  [qn] (closure) @238565 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @163755 [16.3KB]
  --Kn (variable)--->  [y] (object) @435183 [368 bytes]
  --props (property)--->  [Object] (object) @456377 [28 bytes]
  --children (property)--->  [Object] (object) @456117 [316 bytes]
  --props (property)--->  [Object] (object) @456119 [56 bytes]
  --children (property)--->  [Object] (object) @456371 [1.2KB]
  --__ (property)--->  [Object] (object) @470699 [1.1KB]
  --__ (property)--->  [Object] (object) @470703 [940 bytes]
  --__ (property)--->  [Object] (object) @469927 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @334779 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334777 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334775 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334773 [4.3KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334771 [4.1KB]
  --4 (element)--->  [Detached HTMLDivElement] (native) @334763 [3.5KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334761 [3KB]
  --3 (element)--->  [Detached HTMLPictureElement] (native) @334759 [2.5KB]
  --7 (element)--->  [Detached InternalNode] (native) @100866464 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @312400704 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @312400544 [56 bytes]

--Similar leaks in this run: 9--
--Retained size of leaked objects: 808 bytes--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --__twttrll (property)--->  [Array] (object) @64161 [184 bytes]
  --push (property)--->  [e] (closure) @230453 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @64143 [248 bytes]
  --n (variable)--->  [Object] (object) @230445 [13KB]
  --162 (element)--->  [Object] (object) @276443 [1KB]
  --exports (property)--->  [<closure>] (closure) @276945 [984 bytes]
  --context (internal)--->  [<function scope>] (object) @225129 [916 bytes]
  --d (variable)--->  [Detached HTMLAnchorElement] (native) @40485 [228 bytes]
  --3 (element)--->  [Detached DOMTokenList] (native) @312521216 [56 bytes]

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [8.4MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 618--
--Retained size of leaked objects: 108KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [74.3KB]
  --___replace (property)--->  [<closure>] (closure) @280449 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @215207 [572 bytes]
  --n (variable)--->  [u] (closure) @93395 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @94033 [31.9KB]
  --i (variable)--->  [Object] (object) @238781 [31.3KB]
  --449 (element)--->  [Object] (object) @248973 [24 bytes]
  --exports (property)--->  [r] (closure) @126039 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @126147 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @127331 [1.3KB]
  --e (variable)--->  [Object] (object) @127311 [1KB]
  --2 (element)--->  [Object] (object) @376503 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @377609 [348 bytes]
  --$node (property)--->  [U] (object) @406661 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @334011 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @334555 [7.8KB]
  --6 (element)--->  [Detached HTMLDivElement] (native) @334643 [196 bytes]
  --4 (element)--->  [Detached HTMLHRElement] (native) @334557 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @334581 [196 bytes]
  --6 (element)--->  [Detached HTMLHRElement] (native) @334583 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @334109 [196 bytes]
  --3 (element)--->  [Detached HTMLParagraphElement] (native) @334105 [516 bytes]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @334081 [1.4KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @334065 [1.4KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @334047 [1.4KB]
  --12 (element)--->  [Detached InternalNode] (native) @316366432 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @316337824 [64 bytes]

--Similar leaks in this run: 124--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [74.3KB]
  --___replace (property)--->  [<closure>] (closure) @280449 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @215207 [572 bytes]
  --A (variable)--->  [qn] (closure) @106469 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @106539 [16.3KB]
  --Kn (variable)--->  [y] (object) @436527 [368 bytes]
  --props (property)--->  [Object] (object) @477659 [28 bytes]
  --children (property)--->  [Object] (object) @477677 [316 bytes]
  --props (property)--->  [Object] (object) @478735 [56 bytes]
  --children (property)--->  [Object] (object) @466065 [1.2KB]
  --__ (property)--->  [Object] (object) @480861 [1.1KB]
  --__ (property)--->  [Object] (object) @480865 [940 bytes]
  --__ (property)--->  [Object] (object) @465739 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @334749 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334747 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334745 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @334085 [8.5KB]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @334083 [1.3KB]
  --7 (element)--->  [Detached HTMLSpanElement] (native) @334071 [196 bytes]
  --4 (element)--->  [Detached InternalNode] (native) @96310752 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @317083008 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @316337344 [56 bytes]

--Similar leaks in this run: 6--
--Retained size of leaked objects: 432 bytes--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [74.3KB]
  --__twttrll (property)--->  [Array] (object) @80699 [184 bytes]
  --push (property)--->  [e] (closure) @93117 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @80683 [248 bytes]
  --n (variable)--->  [Object] (object) @93109 [13KB]
  --101 (element)--->  [Object] (object) @101391 [24 bytes]
  --exports (property)--->  [o] (closure) @93127 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @81705 [6.2KB]
  --g (variable)--->  [Detached Text] (native) @40369 [396 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @281161920 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @280868128 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @280867968 [272 bytes]
  --1 (element)--->  [Detached MutationObserverRegistration] (native) @281458272 [272 bytes]
  --1 (element)--->  [Detached MutationObserver] (native) @316333344 [192 bytes]

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

  • Unused dependencies

    • @popperjs/core
    • @sentry/react
    • @typescript-eslint/eslint-plugin
    • babel-loader
    • babel-polyfill
    • classnames
    • flexboxgrid
    • gatsby-legacy-polyfills
    • gatsby-plugin-flexsearch
    • gatsby-plugin-twitter
    • gatsby-react-router-scroll
    • html-minifier
    • intersection-observer
    • md5
    • preact
    • preact-render-to-string
    • react-body-classname
    • react-dom
    • rimraf
    • sass
    • typescript
    • webpack
  • Unused devdependencies

    • @babel/core
    • @babel/preset-typescript
    • @storybook/addon-a11y
    • @storybook/addon-controls
    • @storybook/addon-essentials
    • @storybook/addon-info
    • @storybook/addon-interactions
    • @storybook/addon-knobs
    • @storybook/addon-links
    • @storybook/addon-storysource
    • @storybook/addon-viewport
    • @storybook/builder-webpack5
    • @storybook/manager-webpack5
    • @textlint-rule/textlint-rule-no-duplicate-abbr
    • @types/jest
    • @types/react-test-renderer
    • @types/responselike
    • axe-core
    • babel-eslint
    • babel-plugin-transform-runtime
    • core-js
    • cross-env
    • css-loader
    • cypress
    • eslint
    • eslint-config-airbnb
    • eslint-import-resolver-webpack
    • eslint-plugin-import
    • eslint-plugin-jsx-a11y
    • eslint-plugin-react
    • gh-pages
    • husky
    • identity-obj-proxy
    • jest
    • jest-environment-jsdom
    • memlab
    • netlify-cli
    • netlify-lambda
    • nyc
    • prettier
    • react-test-renderer
    • sass-loader
    • start-server-and-test
    • stylelint
    • stylelint-config-recess-order
    • stylelint-config-recommended-scss
    • stylelint-config-standard
    • stylelint-scss
    • textlint
    • textlint-filter-rule-allowlist
    • textlint-filter-rule-comments
    • textlint-rule-aws-spellcheck
    • textlint-rule-ja-no-inappropriate-words
    • textlint-rule-no-hoso-kinshi-yogo
    • textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
    • textlint-rule-no-start-duplicated-conjunction
    • textlint-rule-preset-smarthr
    • textlint-rule-prh
    • textlint-rule-terminology
    • ts-jest
    • yaml-lint
  • Missing

    • colors

      • /github/workspace/src/styles/_hover.scss
    • @algolia/transporter

      • /github/workspace/src/components/SearchBox/index.tsx
    • @algolia/client-search

      • /github/workspace/src/components/SearchBox/index.tsx
    • qs

      • /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

1 similar comment
@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63aee46ab52be20a76ffb3c0
Website Draft URL: https://63aee46ab52be20a76ffb3c0--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63aee499d3f957070b4bcf0f
Website Draft URL: https://63aee499d3f957070b4bcf0f--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [6.6MB] (baseline) [s1] > action-on-page [8MB] (target) [s2] > revert [8MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 527--
--Retained size of leaked objects: 104.7KB--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --___replace (property)--->  [<closure>] (closure) @55525 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @99325 [572 bytes]
  --n (variable)--->  [u] (closure) @116419 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @99387 [32.1KB]
  --i (variable)--->  [Object] (object) @116417 [31.5KB]
  --449 (element)--->  [Object] (object) @208723 [24 bytes]
  --exports (property)--->  [r] (closure) @208725 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @214029 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @169619 [1.3KB]
  --e (variable)--->  [Object] (object) @169599 [1KB]
  --1 (element)--->  [Object] (object) @169601 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @186379 [348 bytes]
  --$node (property)--->  [U] (object) @186487 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @37725 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @38855 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @38831 [196 bytes]
  --5 (element)--->  [Detached HTMLElement] (native) @38823 [196 bytes]
  --6 (element)--->  [Detached HTMLElement] (native) @38825 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @39429 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @39413 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38653 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @38657 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38671 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38673 [196 bytes]
  --4 (element)--->  [Detached HTMLAnchorElement] (native) @38683 [1.7KB]
  --11 (element)--->  [Detached InternalNode] (native) @266073952 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @304001216 [64 bytes]

--Similar leaks in this run: 96--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --___replace (property)--->  [<closure>] (closure) @55525 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @99325 [572 bytes]
  --A (variable)--->  [qn] (closure) @116733 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @116471 [16.3KB]
  --Kn (variable)--->  [y] (object) @414671 [368 bytes]
  --props (property)--->  [Object] (object) @450275 [28 bytes]
  --children (property)--->  [Object] (object) @453771 [316 bytes]
  --props (property)--->  [Object] (object) @453805 [56 bytes]
  --children (property)--->  [Object] (object) @429257 [1.2KB]
  --__ (property)--->  [Object] (object) @429277 [1.1KB]
  --__ (property)--->  [Object] (object) @429297 [940 bytes]
  --__ (property)--->  [Object] (object) @429319 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @311169 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @311167 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @311165 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @311249 [8.5KB]
  --6 (element)--->  [Detached HTMLElement] (native) @311267 [15KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @311265 [13.4KB]
  --4 (element)--->  [Detached Text] (native) @266315136 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @266394432 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @266395232 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @266394912 [1.2KB]
  --4 (element)--->  [Detached Text] (native) @33879264 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @266377952 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @266389792 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @266377312 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @266378112 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @266378592 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @266379872 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @266379392 [272 bytes]
  --5 (element)--->  [Detached InternalNode] (native) @266532064 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @266531904 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @304086592 [56 bytes]

--Similar leaks in this run: 9--
--Retained size of leaked objects: 968 bytes--
[<synthetic>] (synthetic) @1 [8.6MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [58.4KB]
  --__twttrll (property)--->  [Array] (object) @55413 [184 bytes]
  --push (property)--->  [e] (closure) @127121 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @74189 [248 bytes]
  --n (variable)--->  [Object] (object) @279547 [13KB]
  --101 (element)--->  [Object] (object) @272351 [24 bytes]
  --exports (property)--->  [o] (closure) @126983 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @75181 [6.2KB]
  --g (variable)--->  [Detached Text] (native) @39525 [396 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @95000672 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @95000992 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @95000832 [272 bytes]
  --1 (element)--->  [Detached MutationObserverRegistration] (native) @95001152 [272 bytes]
  --1 (element)--->  [Detached MutationObserver] (native) @304741472 [192 bytes]
  --1 (element)--->  [Detached MutationObserver::Delegate] (native) @304741312 [80 bytes]
  --1 (element)--->  [Detached V8MutationCallback] (native) @95000512 [40 bytes]

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63afe002e886cc6435dd14ac
Website Draft URL: https://63afe002e886cc6435dd14ac--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/63afe05413d1a06b01278411
Website Draft URL: https://63afe05413d1a06b01278411--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 88
accessibility: 100
best-practices: 100
seo: 92
pwa: 100

Mobile

performance: 66
accessibility: 100
best-practices: 92
seo: 93
pwa: 100

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63afe2551e7aa469b80441df
Website Draft URL: https://63afe2551e7aa469b80441df--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [8.4MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 541--
--Retained size of leaked objects: 106.1KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___navigate (property)--->  [<closure>] (closure) @106649 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @60069 [572 bytes]
  --n (variable)--->  [u] (closure) @83927 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @87901 [32KB]
  --i (variable)--->  [Object] (object) @232363 [31.5KB]
  --449 (element)--->  [Object] (object) @202951 [24 bytes]
  --exports (property)--->  [r] (closure) @83463 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @153487 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @83887 [1.3KB]
  --e (variable)--->  [Object] (object) @83889 [1KB]
  --1 (element)--->  [Object] (object) @205565 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @282663 [348 bytes]
  --$node (property)--->  [U] (object) @282667 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38209 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39511 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39487 [196 bytes]
  --5 (element)--->  [Detached HTMLElement] (native) @39481 [196 bytes]
  --6 (element)--->  [Detached HTMLElement] (native) @39483 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @39225 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @39223 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @39221 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @39219 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38449 [196 bytes]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @38451 [1.3KB]
  --11 (element)--->  [Detached InternalNode] (native) @278270176 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @311312320 [64 bytes]

--Similar leaks in this run: 136--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___navigate (property)--->  [<closure>] (closure) @106649 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @60069 [572 bytes]
  --A (variable)--->  [qn] (closure) @86165 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @63845 [16.3KB]
  --Kn (variable)--->  [y] (object) @440663 [368 bytes]
  --props (property)--->  [Object] (object) @468311 [28 bytes]
  --children (property)--->  [Object] (object) @467855 [316 bytes]
  --props (property)--->  [Object] (object) @468439 [56 bytes]
  --children (property)--->  [Object] (object) @468441 [1.2KB]
  --__ (property)--->  [Object] (object) @489857 [1.1KB]
  --__ (property)--->  [Object] (object) @489867 [940 bytes]
  --__ (property)--->  [Object] (object) @489881 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @333625 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @333623 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @333615 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @333353 [8.5KB]
  --6 (element)--->  [Detached HTMLElement] (native) @333371 [15KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @333369 [13.4KB]
  --4 (element)--->  [Detached Text] (native) @98026528 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @312215424 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @97970912 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @97965152 [1.2KB]
  --4 (element)--->  [Detached Text] (native) @97971072 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @97970592 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @97970272 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @311927552 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @97714336 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @97969952 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @97969632 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @97975552 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @97975392 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @97975232 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @97974432 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @97974752 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @97974592 [96 bytes]
  --2 (element)--->  [Detached HTMLDivElement] (native) @97715616 [2.4KB]
  --4 (element)--->  [Detached Text] (native) @97719616 [96 bytes]
  --2 (element)--->  [Detached HTMLBRElement] (native) @97718976 [168 bytes]
  --4 (element)--->  [Detached InternalNode] (native) @97718656 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @311418464 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @311373056 [56 bytes]

--Similar leaks in this run: 8--
--Retained size of leaked objects: 1.1KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --__twttrll (property)--->  [Array] (object) @167897 [184 bytes]
  --push (property)--->  [e] (closure) @257323 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @167881 [248 bytes]
  --n (variable)--->  [Object] (object) @257315 [13KB]
  --102 (element)--->  [Object] (object) @262959 [24 bytes]
  --exports (property)--->  [Object] (object) @263271 [3.5KB]
  --init (property)--->  [init] (closure) @263741 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @263835 [3.1KB]
  --r (variable)--->  [Detached HTMLFormElement] (native) @37853 [1.8KB]
  --6 (element)--->  [Detached InternalNode] (native) @278243968 [252 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @68586464 [252 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @311488800 [252 bytes]
  --2 (element)--->  [Detached HTMLFormControlsCollection] (native) @311588544 [120 bytes]

@github-actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/63afe2b415b1fe6c3ebb432c
Website Draft URL: https://63afe2b415b1fe6c3ebb432c--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 93
accessibility: 100
best-practices: 92
seo: 92
pwa: 100

Mobile

performance: 87
accessibility: 100
best-practices: 83
seo: 93
pwa: 100

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63afed3c13d1a0747927866d
Website Draft URL: https://63afed3c13d1a0747927866d--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7.1MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [8.4MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 563--
--Retained size of leaked objects: 106.4KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___replace (property)--->  [<closure>] (closure) @57063 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @79513 [572 bytes]
  --n (variable)--->  [u] (closure) @104027 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @79575 [31.9KB]
  --i (variable)--->  [Object] (object) @260287 [31.3KB]
  --449 (element)--->  [Object] (object) @146755 [24 bytes]
  --exports (property)--->  [r] (closure) @146761 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @266875 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @155777 [1.3KB]
  --e (variable)--->  [Object] (object) @155757 [1KB]
  --1 (element)--->  [Object] (object) @155759 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @194875 [348 bytes]
  --$node (property)--->  [U] (object) @195671 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38329 [376 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39737 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39715 [196 bytes]
  --5 (element)--->  [Detached HTMLElement] (native) @39707 [196 bytes]
  --6 (element)--->  [Detached HTMLElement] (native) @39709 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38807 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @38809 [196 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @38811 [196 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @38813 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @39075 [196 bytes]
  --6 (element)--->  [Detached InternalNode] (native) @93941728 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @272410144 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @272409984 [56 bytes]

--Similar leaks in this run: 118--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___replace (property)--->  [<closure>] (closure) @57063 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @79513 [572 bytes]
  --A (variable)--->  [qn] (closure) @110561 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @102997 [16.3KB]
  --Kn (variable)--->  [y] (object) @428741 [368 bytes]
  --props (property)--->  [Object] (object) @466203 [28 bytes]
  --children (property)--->  [Object] (object) @465913 [316 bytes]
  --props (property)--->  [Object] (object) @465915 [56 bytes]
  --children (property)--->  [Object] (object) @439761 [1.2KB]
  --__ (property)--->  [Object] (object) @473681 [1.1KB]
  --__ (property)--->  [Object] (object) @473685 [940 bytes]
  --__ (property)--->  [Object] (object) @439481 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @333465 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @333463 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @333455 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @333803 [8.5KB]
  --6 (element)--->  [Detached HTMLElement] (native) @333821 [15KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @333819 [13.4KB]
  --3 (element)--->  [Detached Text] (native) @94010784 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @94010944 [264 bytes]
  --5 (element)--->  [Detached Text] (native) @94010624 [96 bytes]
  --3 (element)--->  [Detached HTMLImageElement] (native) @94006304 [272 bytes]
  --5 (element)--->  [Detached InternalNode] (native) @92798208 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @92798048 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @272189248 [56 bytes]

--Similar leaks in this run: 10--
--Retained size of leaked objects: 760 bytes--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --__twttrll (property)--->  [Array] (object) @57017 [184 bytes]
  --push (property)--->  [e] (closure) @97293 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @97279 [248 bytes]
  --n (variable)--->  [Object] (object) @97283 [13KB]
  --102 (element)--->  [Object] (object) @113249 [24 bytes]
  --exports (property)--->  [Object] (object) @114529 [3.5KB]
  --init (property)--->  [init] (closure) @312215 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @312307 [3.1KB]
  --r (variable)--->  [Detached HTMLFormElement] (native) @37985 [1.8KB]
  --6 (element)--->  [Detached InternalNode] (native) @93001984 [252 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @93021664 [252 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @309401536 [252 bytes]
  --2 (element)--->  [Detached HTMLFormControlsCollection] (native) @308856800 [120 bytes]

@github-actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/63afedaaaf32d16ed052f636
Website Draft URL: https://63afedaaaf32d16ed052f636--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 92
accessibility: 100
best-practices: 92
seo: 92
pwa: 100

Mobile

performance: 80
accessibility: 100
best-practices: 83
seo: 93
pwa: 100

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1653 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 131
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [8.4MB] (final) [s3]  
------2 clusters------

--Similar leaks in this run: 593--
--Retained size of leaked objects: 105.9KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___navigate (property)--->  [<closure>] (closure) @56595 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @125145 [572 bytes]
  --n (variable)--->  [u] (closure) @169431 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @125207 [31.7KB]
  --i (variable)--->  [Object] (object) @284275 [31.1KB]
  --449 (element)--->  [Object] (object) @167181 [24 bytes]
  --exports (property)--->  [r] (closure) @167187 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @172121 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @169403 [1.3KB]
  --e (variable)--->  [Object] (object) @169405 [1KB]
  --1 (element)--->  [Object] (object) @185165 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @216661 [348 bytes]
  --$node (property)--->  [U] (object) @216669 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38105 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39403 [7.7KB]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39379 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @39415 [196 bytes]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @39999 [1.3KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @39995 [1.7KB]
  --12 (element)--->  [Detached InternalNode] (native) @315026304 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @316585088 [64 bytes]

--Similar leaks in this run: 117--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___navigate (property)--->  [<closure>] (closure) @56595 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @125145 [572 bytes]
  --A (variable)--->  [qn] (closure) @175567 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @212007 [16.3KB]
  --Kn (variable)--->  [y] (object) @430165 [368 bytes]
  --props (property)--->  [Object] (object) @460157 [28 bytes]
  --children (property)--->  [Object] (object) @454583 [316 bytes]
  --props (property)--->  [Object] (object) @463237 [56 bytes]
  --children (property)--->  [Object] (object) @453947 [1.2KB]
  --__ (property)--->  [Object] (object) @453967 [1.1KB]
  --__ (property)--->  [Object] (object) @453989 [940 bytes]
  --__ (property)--->  [Object] (object) @454003 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @331277 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @331269 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @331267 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @331099 [8.5KB]
  --3 (element)--->  [Detached HTMLAnchorElement] (native) @331097 [1.3KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @331091 [1.3KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @331085 [1.3KB]
  --6 (element)--->  [Detached DOMTokenList] (native) @316575168 [56 bytes]

@github-actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/63b01a10e886cc0a1fdd149a
Website Draft URL: https://63b01a10e886cc0a1fdd149a--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63b019ed13d1a01242278019
Website Draft URL: https://63b019ed13d1a01242278019--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 92
accessibility: 100
best-practices: 92
seo: 92
pwa: 100

Mobile

performance: 72
accessibility: 100
best-practices: 83
seo: 93
pwa: 100

@tubone24 tubone24 merged commit ff83eeb into master Dec 31, 2022
@tubone24 tubone24 deleted the owasp branch December 31, 2022 11:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants