Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add test #1194

Merged
merged 3 commits into from
Jan 2, 2023
Merged

add test #1194

merged 3 commits into from
Jan 2, 2023

Conversation

tubone24
Copy link
Owner

@tubone24 tubone24 commented Jan 2, 2023

No description provided.

@github-actions github-actions bot added the src label Jan 2, 2023
@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Snyk vulnerability report

OSS packages

Tested 1655 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 1.0.2, 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 133
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@coveralls
Copy link
Collaborator

coveralls commented Jan 2, 2023

Pull Request Test Coverage Report for Build 3823453708

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.2%) to 85.143%

Totals Coverage Status
Change from base Build 3822933893: 0.2%
Covered Lines: 224
Relevant Lines: 254

💛 - Coveralls

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Memlab leaks report

page-load [7.1MB] (baseline) [s1] > action-on-page [8.5MB] (target) [s2] > revert [8.6MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 691--
--Retained size of leaked objects: 111.8KB--
[<synthetic>] (synthetic) @1 [9.2MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9827 [73.6KB]
  --___navigate (property)--->  [<closure>] (closure) @95849 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @95837 [572 bytes]
  --n (variable)--->  [u] (closure) @116211 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @95909 [31.9KB]
  --c (variable)--->  [Object] (object) @116209 [31.3KB]
  --449 (element)--->  [Object] (object) @226555 [24 bytes]
  --exports (property)--->  [r] (closure) @297109 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @285037 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @205243 [1.3KB]
  --e (variable)--->  [Object] (object) @205229 [1KB]
  --1 (element)--->  [Object] (object) @180495 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @178903 [348 bytes]
  --$node (property)--->  [U] (object) @178933 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38169 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39681 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39657 [196 bytes]
  --5 (element)--->  [Detached HTMLElement] (native) @39649 [196 bytes]
  --6 (element)--->  [Detached HTMLElement] (native) @39651 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38797 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @38799 [196 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @38801 [196 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @38803 [196 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @38805 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @39497 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @39457 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @40119 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @40093 [196 bytes]
  --4 (element)--->  [Detached HTMLAnchorElement] (native) @40081 [1.7KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @40083 [1.7KB]
  --6 (element)--->  [Detached DOMTokenList] (native) @277707552 [56 bytes]

--Similar leaks in this run: 110--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9.2MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9827 [73.6KB]
  --___navigate (property)--->  [<closure>] (closure) @95849 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @95837 [572 bytes]
  --N (variable)--->  [qn] (closure) @116675 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @116267 [16.3KB]
  --Kn (variable)--->  [y] (object) @452779 [368 bytes]
  --props (property)--->  [Object] (object) @476821 [28 bytes]
  --children (property)--->  [Object] (object) @463981 [316 bytes]
  --props (property)--->  [Object] (object) @463989 [56 bytes]
  --children (property)--->  [Object] (object) @452129 [1.2KB]
  --__ (property)--->  [Object] (object) @451909 [1.1KB]
  --__ (property)--->  [Object] (object) @452775 [940 bytes]
  --__ (property)--->  [Object] (object) @452723 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @335379 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @335377 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @335373 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @335001 [8.5KB]
  --4 (element)--->  [Detached HTMLAnchorElement] (native) @334969 [1.3KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @334975 [1.3KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @334981 [1.4KB]
  --7 (element)--->  [Detached HTMLImageElement] (native) @334977 [300 bytes]
  --5 (element)--->  [Detached InternalNode] (native) @19621184 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @277242720 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @277242560 [56 bytes]

--Similar leaks in this run: 6--
--Retained size of leaked objects: 632 bytes--
[<synthetic>] (synthetic) @1 [9.2MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9827 [73.6KB]
  --__twttrll (property)--->  [Array] (object) @80643 [184 bytes]
  --push (property)--->  [e] (closure) @128447 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @80627 [248 bytes]
  --n (variable)--->  [Object] (object) @127993 [13KB]
  --101 (element)--->  [Object] (object) @128961 [24 bytes]
  --exports (property)--->  [o] (closure) @128309 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @81649 [6.2KB]
  --g (variable)--->  [Detached Text] (native) @40301 [396 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @309280704 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @309280864 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @309281184 [272 bytes]
  --1 (element)--->  [Detached MutationObserverRegistration] (native) @309281024 [272 bytes]

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63b2f07e82ff7c7e2913b387
Website Draft URL: https://63b2f07e82ff7c7e2913b387--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/63b2f0bfaf32d17b2352f3e3
Website Draft URL: https://63b2f0bfaf32d17b2352f3e3--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Lighthouse Score

Desktop

performance: 82
accessibility: 100
best-practices: 92
seo: 92
pwa: 100

Mobile

performance: 57.99999999999999
accessibility: 100
best-practices: 83
seo: 93
pwa: 100

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Snyk vulnerability report

OSS packages

Tested 1655 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 1.0.2, 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 133
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/63b2f22307bec97ed9d34e5d
Website Draft URL: https://63b2f22307bec97ed9d34e5d--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/63b2f26fb07b370c59f69a6e
Website Draft URL: https://63b2f26fb07b370c59f69a6e--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Memlab leaks report

page-load [7.2MB] (baseline) [s1] > action-on-page [8.5MB] (target) [s2] > revert [8.6MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 612--
--Retained size of leaked objects: 107.5KB--
[<synthetic>] (synthetic) @1 [9.2MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___replace (property)--->  [<closure>] (closure) @56577 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @110473 [572 bytes]
  --n (variable)--->  [u] (closure) @176357 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @110535 [32.2KB]
  --c (variable)--->  [Object] (object) @187639 [31.6KB]
  --449 (element)--->  [Object] (object) @187735 [24 bytes]
  --exports (property)--->  [r] (closure) @206351 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @138475 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @138471 [1.3KB]
  --e (variable)--->  [Object] (object) @157429 [1KB]
  --1 (element)--->  [Object] (object) @157431 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @238065 [348 bytes]
  --$node (property)--->  [U] (object) @238103 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @38389 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39581 [196 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @39557 [196 bytes]
  --5 (element)--->  [Detached HTMLElement] (native) @39551 [196 bytes]
  --6 (element)--->  [Detached HTMLElement] (native) @39553 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @38791 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @38789 [196 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @38787 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38667 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @38671 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38685 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @38687 [196 bytes]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @38689 [1.3KB]
  --12 (element)--->  [Detached InternalNode] (native) @279549888 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @311723744 [64 bytes]

--Similar leaks in this run: 109--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [9.2MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --___replace (property)--->  [<closure>] (closure) @56577 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @110473 [572 bytes]
  --N (variable)--->  [qn] (closure) @183895 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @169769 [16.3KB]
  --Kn (variable)--->  [y] (object) @455135 [368 bytes]
  --props (property)--->  [Object] (object) @455131 [28 bytes]
  --children (property)--->  [Object] (object) @455143 [316 bytes]
  --props (property)--->  [Object] (object) @455119 [56 bytes]
  --children (property)--->  [Object] (object) @455123 [1.2KB]
  --__ (property)--->  [Object] (object) @464387 [1.1KB]
  --__ (property)--->  [Object] (object) @464401 [940 bytes]
  --__ (property)--->  [Object] (object) @464415 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @334523 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334521 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334519 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @334157 [8.5KB]
  --6 (element)--->  [Detached HTMLElement] (native) @334175 [15KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @334173 [13.4KB]
  --3 (element)--->  [Detached Text] (native) @278908288 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @278908448 [264 bytes]
  --6 (element)--->  [Detached InternalNode] (native) @311832448 [56 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @311832288 [56 bytes]
  --1 (element)--->  [Detached NodeList] (native) @311772352 [56 bytes]

--Similar leaks in this run: 7--
--Retained size of leaked objects: 520 bytes--
[<synthetic>] (synthetic) @1 [9.2MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [73.4KB]
  --__twttrll (property)--->  [Array] (object) @56771 [184 bytes]
  --push (property)--->  [e] (closure) @192031 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @95489 [248 bytes]
  --n (variable)--->  [Object] (object) @191607 [13KB]
  --101 (element)--->  [Object] (object) @192545 [24 bytes]
  --exports (property)--->  [o] (closure) @191897 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @96489 [6.2KB]
  --g (variable)--->  [Detached Text] (native) @40329 [396 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @78441024 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @99183488 [272 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @98886656 [272 bytes]
  --1 (element)--->  [Detached MutationObserverRegistration] (native) @98886816 [272 bytes]
  --1 (element)--->  [Detached MutationObserver] (native) @312336768 [192 bytes]
  --1 (element)--->  [Detached MutationObserver::Delegate] (native) @312336608 [80 bytes]
  --1 (element)--->  [Detached V8MutationCallback] (native) @99300800 [40 bytes]

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Lighthouse Score

Desktop

performance: 90
accessibility: 100
best-practices: 92
seo: 92
pwa: 100

Mobile

performance: 64
accessibility: 100
best-practices: 83
seo: 93
pwa: 100

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
- webpack
Unused devdependencies
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- babel-eslint
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- cypress
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-hoso-kinshi-yogo
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Snyk vulnerability report

OSS packages

Tested 1655 dependencies for known issues, found 8 issues, 19 vulnerable paths.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1038255] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 0.21.1
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269] in [email protected]
introduced by [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.21.3
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 9 other path(s)
This issue was fixed in versions: 1.0.2, 2.2.2
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Open Redirect
Path: src/templates/index.tsx, line 133
Info: Unsanitized input from the document location flows into url, where it is used as an URL to redirect the user. This may result in an Open Redirect vulnerability.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

1 Code issues found
1 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!


Test Summary

Organization: tubone24
Project name: http://github.com/tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]


Tip

New: Share your test results in the Snyk Web UI with the option --report

@github-actions
Copy link
Contributor

github-actions bot commented Jan 2, 2023

Memlab leaks report

page-load [7.1MB] (baseline) [s1] > action-on-page [8.1MB] (target) [s2] > revert [8.2MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 686--
--Retained size of leaked objects: 110.7KB--
[<synthetic>] (synthetic) @1 [8.8MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [71.2KB]
  --___replace (property)--->  [<closure>] (closure) @221431 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @162411 [572 bytes]
  --n (variable)--->  [u] (closure) @156463 [2.7KB]
  --context (internal)--->  [<function scope>] (object) @133739 [32.1KB]
  --c (variable)--->  [Object] (object) @156461 [31.5KB]
  --449 (element)--->  [Object] (object) @211907 [24 bytes]
  --exports (property)--->  [r] (closure) @114139 [2.1KB]
  --hasData (property)--->  [<closure>] (closure) @114771 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @133061 [1.3KB]
  --e (variable)--->  [Object] (object) @133041 [1KB]
  --2 (element)--->  [Object] (object) @339203 [76 bytes]
  --aaAutocomplete (property)--->  [h] (object) @339207 [348 bytes]
  --$node (property)--->  [U] (object) @340389 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @314639 [348 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @314181 [7.8KB]
  --6 (element)--->  [Detached HTMLDivElement] (native) @314351 [196 bytes]
  --3 (element)--->  [Detached HTMLHRElement] (native) @314349 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @314347 [608 bytes]
  --4 (element)--->  [Detached HTMLAnchorElement] (native) @314285 [1.4KB]
  --10 (element)--->  [Detached HTMLAnchorElement] (native) @314295 [1.4KB]
  --12 (element)--->  [Detached InternalNode] (native) @97377568 [120 bytes]
  --1 (element)--->  [Detached ElementIntersectionObserverData] (native) @270164032 [64 bytes]

--Similar leaks in this run: 145--
--Retained size of leaked objects: 28.6KB--
[<synthetic>] (synthetic) @1 [8.8MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [71.2KB]
  --___replace (property)--->  [<closure>] (closure) @221431 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @162411 [572 bytes]
  --N (variable)--->  [qn] (closure) @116277 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @135287 [16.3KB]
  --Kn (variable)--->  [y] (object) @415773 [368 bytes]
  --props (property)--->  [Object] (object) @424333 [28 bytes]
  --children (property)--->  [Object] (object) @460815 [316 bytes]
  --props (property)--->  [Object] (object) @461007 [56 bytes]
  --children (property)--->  [Object] (object) @452011 [1.2KB]
  --__ (property)--->  [Object] (object) @451995 [1.1KB]
  --__ (property)--->  [Object] (object) @452001 [940 bytes]
  --__ (property)--->  [Object] (object) @452017 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @314449 [272 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @314447 [196 bytes]
  --3 (element)--->  [Detached HTMLDivElement] (native) @314445 [196 bytes]
  --4 (element)--->  [Detached HTMLDivElement] (native) @314679 [8.5KB]
  --6 (element)--->  [Detached HTMLElement] (native) @314697 [15KB]
  --3 (element)--->  [Detached HTMLDivElement] (native) @314695 [13.4KB]
  --4 (element)--->  [Detached Text] (native) @81636608 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @81626848 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @81632768 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @81633088 [1.2KB]
  --4 (element)--->  [Detached Text] (native) @270385248 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @81642848 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @81644608 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @81644928 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @81645888 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @81646528 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @81646688 [96 bytes]
  --2 (element)--->  [Detached HTMLImageElement] (native) @81654848 [272 bytes]
  --3 (element)--->  [Detached Text] (native) @81655168 [96 bytes]
  --2 (element)--->  [Detached HTMLParagraphElement] (native) @81655328 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @81655808 [96 bytes]
  --2 (element)--->  [Detached HTMLHeadingElement] (native) @81655968 [264 bytes]
  --4 (element)--->  [Detached Text] (native) @81656288 [96 bytes]
  --2 (element)--->  [Detached HTMLDivElement] (native) @81656448 [2.4KB]
  --4 (element)--->  [Detached Text] (native) @81654528 [96 bytes]
  --2 (element)--->  [Detached HTMLBRElement] (native) @81649248 [168 bytes]
  --2 (element)--->  [Detached Text] (native) @81653728 [96 bytes]
  --2 (element)--->  [Detached HTMLElement] (native) @81640608 [1.1KB]
  --1 (element)--->  [Detached HTMLEmbedElement] (native) @81649088 [984 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @33173536 [584 bytes]
  --1 (element)--->  [Detached ShadowRoot] (native) @33173376 [528 bytes]
  --5 (element)--->  [Detached V8ObservableArrayCSSStyleSheet] (native) @270283584 [120 bytes]
  --2 (element)--->  [Detached ObservableArrayExoticObject] (native) @270982272 [32 bytes]

--Similar leaks in this run: 6--
--Retained size of leaked objects: 464 bytes--
[<synthetic>] (synthetic) @1 [8.8MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9835 [71.2KB]
  --__twttrll (property)--->  [Array] (object) @74759 [184 bytes]
  --push (property)--->  [e] (closure) @173575 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @74739 [248 bytes]
  --n (variable)--->  [Object] (object) @171309 [13KB]
  --102 (element)--->  [Object] (object) @173011 [24 bytes]
  --exports (property)--->  [Object] (object) @172467 [3.5KB]
  --init (property)--->  [init] (closure) @173667 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @174765 [3.1KB]
  --r (variable)--->  [Detached HTMLFormElement] (native) @37253 [1.8KB]
  --5 (element)--->  [Detached HTMLInputElement] (native) @37245 [684 bytes]
  --8 (element)--->  [Detached InternalNode] (native) @30818560 [328 bytes]
  --1 (element)--->  [Detached ShadowRoot] (native) @30818240 [328 bytes]
  --4 (element)--->  [Detached V8ObservableArrayCSSStyleSheet] (native) @306452256 [120 bytes]
  --2 (element)--->  [Detached ObservableArrayExoticObject] (native) @306452096 [32 bytes]

@tubone24 tubone24 merged commit 87e164d into master Jan 2, 2023
@tubone24 tubone24 deleted the addtest branch January 2, 2023 15:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants