Skip to content

build: bump static site Javascript dependencies #327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
maxrake merged 1 commit into from
Oct 6, 2025
Merged

build: bump static site Javascript dependencies #327

maxrake merged 1 commit into from
Oct 6, 2025

Conversation

@phylum-bot
Copy link
Contributor

@phylum-bot phylum-bot commented Oct 6, 2025

Bump dependencies in site/package-lock.json for all SemVer-compatible updates.

@phylum-bot phylum-bot requested a review from a team as a code owner October 6, 2025 02:56
@phylum-io
Copy link

phylum-io bot commented Oct 6, 2025

Phylum OSS Supply Chain Risk Analysis - INCOMPLETE

The analysis contains 21 package(s) Phylum has not yet processed,
preventing a complete risk analysis. Phylum is processing these
packages currently and should complete soon.
Please wait for up to 30 minutes, then re-run the analysis.

View this project in the Phylum UI

@maxrake maxrake requested review from maxrake and removed request for janasheehan and mhorner-vera October 6, 2025 15:38
maxrake
maxrake approved these changes Oct 6, 2025
View reviewed changes
Copy link
Contributor

@maxrake maxrake left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Waiting for Phylum analysis to complete before merging.

@phylum-io
Copy link

phylum-io bot commented Oct 6, 2025

Phylum OSS Supply Chain Risk Analysis - FAILED

This repository analyzes the risk of new dependencies. An
administrator of this repository has set requirements via Phylum policy.

If you see this comment, one or more dependencies have failed Phylum's risk analysis.

Package: ai@5.0.60 failed.

ai@5.0.60 is decoding Base64 strings

Risk Domain: Malicious Code
Risk Level: low

Reason: Obfuscated code

Package: @vercel/oidc@3.0.1 failed.

@vercel/oidc@3.0.1 is decoding Base64 strings

Risk Domain: Malicious Code
Risk Level: low

Reason: Obfuscated code

View this project in the Phylum UI

@maxrake
Copy link
Contributor

maxrake commented Oct 6, 2025

Phylum analysis completed and package findings were triaged/allowed.

@maxrake maxrake merged commit 1579308 into main Oct 6, 2025
2 checks passed
@maxrake maxrake deleted the workflow-auto-updates branch October 6, 2025 20:43
@janasheehan
Copy link
Contributor

janasheehan commented Oct 6, 2025

:-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maxrake maxrake maxrake approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@phylum-bot @maxrake @janasheehan