New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spor rydding del1 #2173

Open

terjeofnorway wants to merge 85 commits into main from spor-rydding-del1

Open

Spor rydding del1 #2173

Merge remote-tracking branch 'origin/main' into spor-rydding-del1

GitHub Advanced Security / CodeQL failed Feb 25, 2025 in 3s

13 new alerts including 10 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

10 high
3 medium

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 91 in packages/nextjs/src/components/_common/card/useCard.tsx

Code scanning / CodeQL

Client-side URL redirect Medium

Untrusted URL redirection depends on a

user-provided value

.

Check warning on line 98 in packages/nextjs/src/components/_common/card/useCard.tsx

Code scanning / CodeQL

Client-side URL redirect Medium

Untrusted URL redirection depends on a

user-provided value

.

Check failure on line 98 in packages/nextjs/src/components/_common/card/useCard.tsx

Code scanning / CodeQL

Client-side cross-site scripting High

Cross-site scripting vulnerability due to

user-provided value

.

Check warning on line 81 in packages/nextjs/src/components/_common/lenke/lenkeBase/LenkeBase.tsx

Code scanning / CodeQL

Client-side URL redirect Medium

Untrusted URL redirection depends on a

user-provided value

.

Check failure on line 81 in packages/nextjs/src/components/_common/lenke/lenkeBase/LenkeBase.tsx

Code scanning / CodeQL

Client-side cross-site scripting High

Cross-site scripting vulnerability due to

user-provided value

.

Check failure on line 62 in packages/nextjs/src/utils/string.ts

Code scanning / CodeQL

Incomplete string escaping or encoding High

This replaces only the first occurrence of '\n'.

Check failure on line 20 in packages/nextjs/src/utils/urls.ts

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a

environment variable

.
This regular expression is constructed from a

environment variable

.

Check failure on line 23 in packages/nextjs/src/utils/urls.ts

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a

environment variable

.

Check failure on line 44 in packages/nextjs/src/utils/urls.ts

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a

environment variable

.
This regular expression is constructed from a

environment variable

.

Check failure on line 49 in packages/nextjs/src/utils/urls.ts

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a

environment variable

.
This regular expression is constructed from a

environment variable

.

Check failure on line 55 in packages/nextjs/src/utils/urls.ts

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a

environment variable

.
This regular expression is constructed from a

environment variable

.

Check failure on line 61 in packages/nextjs/src/utils/urls.ts

Code scanning / CodeQL

Regular expression injection High

This regular expression is constructed from a

environment variable

.

Check failure on line 23 in packages/server/src/req-handlers/invalidate-paths.ts

Code scanning / CodeQL

Reflected cross-site scripting High

Cross-site scripting vulnerability due to a

user-provided value

.