Skip to content

Comments

feat: PoToken#139

Draft
lovegaoshi wants to merge 3 commits intodevfrom
feat/potoken
Draft

feat: PoToken#139
lovegaoshi wants to merge 3 commits intodevfrom
feat/potoken

Conversation

@lovegaoshi
Copy link
Owner

@lovegaoshi lovegaoshi commented Jan 1, 2026

closes #136

@coderabbitai
Copy link

coderabbitai bot commented Jan 1, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 1, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
5 Security Hotspots
E Security Rating on New Code (required ≥ A)
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 1, 2026
View reviewed changes
src/utils/bgutils/Constants.ts
WEB: {
NAME: 'WEB',
VERSION: '2.20250222.10.00',
API_KEY: 'AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8',

Check failure

Code scanning / SonarCloud

Google API keys should not be disclosed High

Make sure this Google API Key is either secured or revoked, changed, and removed from the code. See more on SonarQube Cloud
src/utils/bgutils/Constants.ts
WEB_EMBEDDED: {
NAME: 'WEB_EMBEDDED_PLAYER',
VERSION: '1.20250219.01.00',
API_KEY: 'AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8',

Check failure

Code scanning / SonarCloud

Google API keys should not be disclosed High

Make sure this Google API Key is either secured or revoked, changed, and removed from the code. See more on SonarQube Cloud
src/utils/bgutils/Constants.ts
WEB_CREATOR: {
NAME: 'WEB_CREATOR',
VERSION: '1.20241203.01.00',
API_KEY: 'AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8',

Check failure

Code scanning / SonarCloud

Google API keys should not be disclosed High

Make sure this Google API Key is either secured or revoked, changed, and removed from the code. See more on SonarQube Cloud
src/utils/mediafetch/ytpot.ts
window.addEventListener('message', listener);
const iframe = document.getElementById('sandboxPOT');
// @ts-expect-error contentWindow indeed exists
iframe?.contentWindow.postMessage(

Check failure

Code scanning / SonarCloud

Origins should be verified during cross-origin communications High

Specify a target origin for this message. See more on SonarQube Cloud
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[feat] yt potoken

1 participant

@lovegaoshi