jspcd, dry, lint

[jarena3]

No description provided.

[netlify]

❌ Deploy Preview for cc-dev-preview failed. Why did it fail? →

Name	Link
🔨 Latest commit	eb1683e
🔍 Latest deploy log	https://app.netlify.com/projects/cc-dev-preview/deploys/6a171924fc25c8000812b83f

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	1		0	0	0.01s
❌ ACTION	zizmor	1		1	0	0.34s
❌ COPYPASTE	jscpd	yes		847	no	67.18s
❌ CSS	stylelint	22		206	0	2.65s
❌ HTML	djlint	1		3	0	1.08s
✅ HTML	htmlhint	1		0	0	0.21s
❌ JAVASCRIPT	eslint	967		1	0	0.87s
❌ JAVASCRIPT	standard	3		1	0	1.46s
✅ JSON	jsonlint	32		0	0	0.1s
✅ JSON	npm-package-json-lint	yes		no	no	0.42s
⚠️ JSON	prettier	32		1	0	1.21s
✅ JSON	v8r	32		0	0	14.24s
⚠️ MARKDOWN	markdownlint	5		5	0	0.68s
⚠️ MARKDOWN	markdown-table-formatter	5		1	0	0.21s
✅ REPOSITORY	checkov	yes		no	no	42.17s
❌ REPOSITORY	gitleaks	yes		86	no	102.53s
✅ REPOSITORY	git_diff	yes		no	no	0.27s
❌ REPOSITORY	grype	yes		13	no	92.87s
❌ REPOSITORY	osv-scanner	yes		24	no	5.68s
✅ REPOSITORY	secretlint	yes		no	no	22.08s
✅ REPOSITORY	syft	yes		no	no	3.86s
❌ REPOSITORY	trivy	yes		1	no	11.64s
✅ REPOSITORY	trivy-sbom	yes		no	no	22.23s
✅ REPOSITORY	trufflehog	yes		no	no	5.69s
❌ SPELL	cspell	1359		17285	0	629.75s
❌ SPELL	lychee	61		26	0	43.12s
❌ TYPESCRIPT	eslint	301		1	0	0.68s
❌ TYPESCRIPT	ts-standard	301		1	0	98.99s
⚠️ YAML	prettier	6		1	3	0.77s
✅ YAML	v8r	6		0	0	6.06s
✅ YAML	yamllint	6		0	0	1.3s

Detailed Issues

❌ SPELL / cspell - 17285 errors

\u0432\u0435\u043d\u044c",
        "\u0443\u0440\u043e\u0432\u043d\u0435\u0439",
        "\u0443\u0440\u043e\u0432\u043d\u0438",
        "\u0443\u0440\u043e\u0432\u043d\u044f",
        "\u0443\u0441\u043f\u0435\u0445\u043e\u0432",
        "\u0443\u0441\u043f\u0435\u0448\u043d\u043e",
        "\u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0435",
        "\u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044f",
        "\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c",
        "\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443",
        "\u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f\u043c\u0438",
        "\u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u0430",
        "\u0444\u0430\u043d\u0442\u0430\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f",
        "\u0444\u043e\u043d\u043e\u0432",
        "\u0444\u0440\u0430\u043a\u0446\u0438\u0438",
        "\u0445\u043e\u0442\u0438\u0442\u0435",
        "\u0446\u0435\u043b\u0438",
        "\u0446\u0435\u043b\u043e\u0433\u043e",
        "\u0447\u0430\u0441\u0430",
        "\u0447\u0430\u0441\u0430\u0445",
        "\u0447\u0430\u0441\u043e\u0432",
        "\u0447\u0430\u0441\u044b",
        "\u0447\u0435\u043b\u043e\u0432\u0435\u0447\u0435\u0441\u043a\u0438\u043c\u0438",
        "\u0447\u0435\u043b\u043e\u0432\u0435\u0447\u0435\u0441\u0442\u0432\u043e",
        "\u0447\u0438\u0441\u043b\u0430",
        "\u0447\u0442\u043e\u0431\u044b",
        "\u0447\u0443\u0432\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c",
        "\u0448\u0438\u0440\u043e\u043a\u0438\u0439",
        "\u044d\u0442\u0438\u0445",
        "\u044d\u0442\u043e\u0433\u043e",
        "\u044d\u0442\u043e\u0442",
        "\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f",
        "\u0e88\u0644\u035c\u0e88",
        "\ud835\udcd7\ud835\udcee\ud835\udcea\ud835\udcfb\ud835\udcfd\ud835\udd00\ud835\udcf8\ud835\udcf8\ud835\udced",
        "\ud835\udd4f\ud835\udd6a\ud835\udd5d\ud835\udd56\ud835\udd5e",
        "\ud835\udd6e\ud835\udd86\ud835\udd92\ud835\udd87\ud835\udd8e\ud835\udd9a\ud835\udd92"
    ]
}


You can also copy-paste megalinter-reports/.cspell.json at the root of your repository

(Truncated to last 2222 characters out of 2987992)

❌ HTML / djlint - 3 errors

Linting 0/1 files ┈┈┈┈┈┈┈┈┈┈ 00:00    
                                      

Linting 1/1 files ━━━━━━━━━━ 00:00    
Linting 1/1 files ━━━━━━━━━━ 00:00    


index.html
───────────────────────────────────────────────────────────────────────────────
H030 2:0 Consider adding a meta description. <html lang="en"> <
H031 2:0 Consider adding meta keywords. <html lang="en"> <
H021 11:2 Inline styles should be avoided. <body style=

Linted 1 file, found 3 errors.

❌ JAVASCRIPT / eslint - 1 error

Oops! Something went wrong! :(

ESLint: 10.3.0

Error [ERR_MODULE_NOT_FOUND]: Cannot find package '@eslint/js' imported from eslint.config.mjs
Did you mean to import "@eslint/js/src/index.js"?
    at Object.getPackageJSONURL (node:internal/modules/package_json_reader:316:9)
    at packageResolve (node:internal/modules/esm/resolve:768:81)
    at moduleResolve (node:internal/modules/esm/resolve:858:18)
    at defaultResolve (node:internal/modules/esm/resolve:990:11)
    at #cachedDefaultResolve (node:internal/modules/esm/loader:755:20)
    at ModuleLoader.resolve (node:internal/modules/esm/loader:732:38)
    at ModuleLoader.getModuleJobForImport (node:internal/modules/esm/loader:317:38)
    at #link (node:internal/modules/esm/module_job:208:49)

❌ TYPESCRIPT / eslint - 1 error

Oops! Something went wrong! :(

ESLint: 10.3.0

Error [ERR_MODULE_NOT_FOUND]: Cannot find package '@eslint/js' imported from eslint.config.mjs
Did you mean to import "@eslint/js/src/index.js"?
    at Object.getPackageJSONURL (node:internal/modules/package_json_reader:316:9)
    at packageResolve (node:internal/modules/esm/resolve:768:81)
    at moduleResolve (node:internal/modules/esm/resolve:858:18)
    at defaultResolve (node:internal/modules/esm/resolve:990:11)
    at #cachedDefaultResolve (node:internal/modules/esm/loader:755:20)
    at ModuleLoader.resolve (node:internal/modules/esm/loader:732:38)
    at ModuleLoader.getModuleJobForImport (node:internal/modules/esm/loader:317:38)
    at #link (node:internal/modules/esm/module_job:208:49)

❌ REPOSITORY / gitleaks - 86 errors

7223bca21ee0aeac59e8cec1b78a6a160/src/cloud/patreon.ts#L11

Finding:     const gistToken = 'REDACTED'
Secret:      REDACTED
RuleID:      generic-api-key
Entropy:     3.772574
File:        src/io/apis/gist.ts
Line:        9
Commit:      HIDDEN_BY_MEGALINTERAuthor:      John Arena
Email:       john.arena@qsrsoft.com
Date:        2020-12-14T18:05:03Z
Fingerprint: 0e1c77d037d9d9059c83339bd830885ff20e63c9:src/io/apis/gist.ts:generic-api-key:9
Link:        https://github.com/massif-press/compcon/blob/0e1c77d037d9d9059c83339bd830885ff20e63c9/src/io/apis/gist.ts#L9

Finding:     const gistToken = 'REDACTED'
Secret:      REDACTED
RuleID:      generic-api-key
Entropy:     3.772574
File:        src/io/apis/gist.ts
Line:        9
Commit:      HIDDEN_BY_MEGALINTERAuthor:      John Arena
Email:       john.arena@qsrsoft.com
Date:        2020-12-14T18:05:03Z
Fingerprint: 1e9cf1522b317cc0c6b1b5b556547856eb241693:src/io/apis/gist.ts:generic-api-key:9
Link:        https://github.com/massif-press/compcon/blob/1e9cf1522b317cc0c6b1b5b556547856eb241693/src/io/apis/gist.ts#L9

Finding:     const token = 'REDACTED'
Secret:      REDACTED
RuleID:      generic-api-key
Entropy:     3.725070
File:        src/renderer/logic/apis.ts
Line:        5
Commit:      HIDDEN_BY_MEGALINTERAuthor:      Johnny
Email:       john.arena.3@gmail.com
Date:        2019-05-09T20:47:49Z
Fingerprint: c8d4913ddfc7297fb718f7253db726cd351e4e66:src/renderer/logic/apis.ts:generic-api-key:5
Link:        https://github.com/massif-press/compcon/blob/c8d4913ddfc7297fb718f7253db726cd351e4e66/src/renderer/logic/apis.ts#L5

Finding:     const token = 'REDACTED'
Secret:      REDACTED
RuleID:      generic-api-key
Entropy:     3.725070
File:        src/renderer/logic/apis.ts
Line:        5
Commit:      HIDDEN_BY_MEGALINTERAuthor:      Johnny
Email:       john.arena.3@gmail.com
Date:        2019-05-09T20:47:49Z
Fingerprint: 24a395ec4f8e21d7b51fbda187fe10b654424fd6:src/renderer/logic/apis.ts:generic-api-key:5
Link:        https://github.com/massif-press/compcon/blob/24a395ec4f8e21d7b51fbda187fe10b654424fd6/src/renderer/logic/apis.ts#L5

4:22PM INF 4872 commits scanned.
4:22PM INF scanned ~93127112 bytes (93.13 MB) in 1m38.9s
4:22PM WRN leaks found: 86

(Truncated to last 2222 characters out of 49273)

❌ REPOSITORY / grype - 13 errors

[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
[0002] ERROR unable to parse yarn v2 package key from=syft key=__metadata
NAME       INSTALLED  FIXED IN  TYPE  VULNERABILITY        SEVERITY  EPSS           RISK   
vite       6.4.1      6.4.2     npm   GHSA-p9ff-h696-f583  High      8.7% (92nd)    6.9    
vite       6.4.1      6.4.2     npm   GHSA-4w7w-66w2-5vf9  Medium    1.7% (82nd)    1.0    
quill      1.3.7                npm   GHSA-4943-9vgg-gr5r  Medium    0.5% (65th)    0.2    
expr-eval  2.0.2                npm   GHSA-jc85-fpwf-qm7x  High      0.1% (27th)    < 0.1  
immutable  5.1.2      5.1.5     npm   GHSA-wf6x-7x77-mvgw  High      < 0.1% (23rd)  < 0.1  
expr-eval  2.0.2                npm   GHSA-8gw3-rxh4-v6jx  High      < 0.1% (17th)  < 0.1  
lodash-es  4.17.23    4.18.0    npm   GHSA-r5fr-rjxr-66jc  High      < 0.1% (13th)  < 0.1  
picomatch  2.3.1      2.3.2     npm   GHSA-3v7f-55p6-f55p  Medium    < 0.1% (17th)  < 0.1  
quill      2.0.3                npm   GHSA-v3m3-f69x-jf25  Low       < 0.1% (20th)  < 0.1  
lodash-es  4.17.23    4.18.0    npm   GHSA-f23m-r3pf-42rh  Medium    < 0.1% (7th)   < 0.1  
picomatch  2.3.1      2.3.2     npm   GHSA-c2c7-rcm5-vvqj  High      < 0.1% (5th)   < 0.1  
yaml       2.8.2      2.8.3     npm   GHSA-48c2-rrv3-qjmp  Medium    < 0.1% (6th)   < 0.1  
uuid       11.1.0     11.1.1    npm   GHSA-w5hq-g745-h8pq  Medium    < 0.1% (2nd)   < 0.1
[0092] ERROR discovered vulnerabilities at or above the severity threshold

❌ COPYPASTE / jscpd - 847 errors

─┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ css        │ 20             │ 1260        │ 5598         │ 1            │ 5 (0.4%)         │ 56 (1%)           │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ markdown   │ 17             │ 2685        │ 11282        │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ javascript │ 4              │ 443         │ 1968         │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ json       │ 31             │ 4411        │ 23163        │ 2            │ 104 (2.36%)      │ 489 (2.11%)       │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ url        │ 1              │ 0           │ 4            │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ yaml       │ 1              │ 23          │ 49           │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ Total:     │ 1338           │ 154107      │ 1034667      │ 847          │ 9839 (6.38%)     │ 66894 (6.47%)     │
└────────────┴────────────────┴─────────────┴──────────────┴──────────────┴──────────────────┴───────────────────┘
Found 847 clones.
HTML report saved to megalinter-reports/copy-paste/html/
ERROR: jscpd found too many duplicates (6.38%) over threshold (0%)
Error: ERROR: jscpd found too many duplicates (6.38%) over threshold (0%)
    at ThresholdReporter.report (/node-deps/node_modules/@jscpd/finder/dist/index.js:615:13)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:109:18
    at Array.forEach (<anonymous>)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:108:22
    at async /node-deps/node_modules/jscpd/dist/bin/jscpd.js:9:5

(Truncated to last 2222 characters out of 180356)

❌ SPELL / lychee - 26 errors

404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 41:770) | Rejected status code: 404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 42:776) | Rejected status code: 404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 43:732) | Rejected status code: 404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 44:777) | Rejected status code: 404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 45:389) | Rejected status code: 404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 46:454) | Rejected status code: 404 Not Found
[404] http://bit.ly/ttrpgsafetytoolkit/ (at 47:475) | Rejected status code: 404 Not Found

Errors in src/assets/srd/package.json
[404] https://github.com/massif-press/lancer-srd.git (at 8:13) | Rejected status code: 404 Not Found | Followed 1 redirect. Redirects: https://github.com/massif-press/lancer-srd.git --[301]--> https://github.com/massif-press/lancer-srd

Errors in src/features/nav/pages/credits.json
[404] https://pbs.twimg.com/profile_images/1505243993097084928/5YkoPhmP_400x400.jpg (at 77:17) | Rejected status code: 404 Not Found
[ERROR] https://www.wampyrekeli.com/ (at 78:19) | Network error: received fatal alert: HandshakeFailure

Errors in src/features/pilot_management/New/pregens.json
[ERROR] error: (at 126:14) | Cannot parse 'ACBP://900-EWR::NOVEMBER-LABRYS-CITRINE' into a URL: invalid port number
[ERROR] error: (at 170:14) | Cannot parse 'ACBP://142-FSP::JANUARY-GONFALON-ARGENT' into a URL: invalid port number
[ERROR] error: (at 49:14) | Cannot parse 'ACBP://806-MDR::JULY-HALBERD-LAUREL' into a URL: invalid port number
[ERROR] error: (at 5:14) | Cannot parse 'ACBP://142-CQC::OCTOBER-TALWAR-GOLD' into a URL: invalid port number
[ERROR] error: (at 88:14) | Cannot parse 'ACBP://014-LNR::AUGUST-DAIKYU-VERMILLION' into a URL: invalid port number

Errors in src/io/assets/artistmap.json
[ERROR] https://www.wampyrekeli.com/ (at 232:17) | Network error: received fatal alert: HandshakeFailure

Hint: Followed 28 redirects. You might want to consider replacing redirecting URLs with the resolved URLs. Use verbose mode (`-v`/`-vv`) to see redirection details.
Hint: You can configure accepted/rejected response codes with `-a` or `--accept`

(Truncated to last 2222 characters out of 3433)

❌ REPOSITORY / osv-scanner - 24 errors

k.json |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch (dev) | 2.3.1   | 2.3.2         | package-lock.json |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch (dev) | 2.3.1   | 2.3.2         | package-lock.json |
| https://osv.dev/GHSA-4943-9vgg-gr5r | 4.2  | npm       | quill           | 1.3.7   | --            | package-lock.json |
| https://osv.dev/GHSA-v3m3-f69x-jf25 | 6.1  | npm       | quill           | 2.0.3   | --            | package-lock.json |
| https://osv.dev/GHSA-w5hq-g745-h8pq | 7.5  | npm       | uuid            | 11.1.0  | 11.1.1        | package-lock.json |
| https://osv.dev/GHSA-4w7w-66w2-5vf9 | 6.3  | npm       | vite (dev)      | 6.4.1   | 6.4.2         | package-lock.json |
| https://osv.dev/GHSA-p9ff-h696-f583 | 8.2  | npm       | vite (dev)      | 6.4.1   | 6.4.2         | package-lock.json |
| https://osv.dev/GHSA-48c2-rrv3-qjmp | 4.3  | npm       | yaml (dev)      | 2.8.2   | 2.8.3         | package-lock.json |
| https://osv.dev/GHSA-8gw3-rxh4-v6jx | 7.3  | npm       | expr-eval       | 2.0.2   | --            | yarn.lock         |
| https://osv.dev/GHSA-jc85-fpwf-qm7x | 8.6  | npm       | expr-eval       | 2.0.2   | --            | yarn.lock         |
| https://osv.dev/GHSA-25h7-pfq9-p65f | 7.5  | npm       | flatted         | 3.3.3   | 3.4.0         | yarn.lock         |
| https://osv.dev/GHSA-rf6f-7fwh-wjgh | 8.9  | npm       | flatted         | 3.3.3   | 3.4.2         | yarn.lock         |
| https://osv.dev/GHSA-v3m3-f69x-jf25 | 6.1  | npm       | quill           | 2.0.3   | --            | yarn.lock         |
| https://osv.dev/GHSA-w5hq-g745-h8pq | 7.5  | npm       | uuid            | 11.1.0  | 11.1.1        | yarn.lock         |
| https://osv.dev/GHSA-4w7w-66w2-5vf9 | 6.3  | npm       | vite            | 6.4.1   | 6.4.2         | yarn.lock         |
| https://osv.dev/GHSA-p9ff-h696-f583 | 8.2  | npm       | vite            | 6.4.1   | 6.4.2         | yarn.lock         |
| https://osv.dev/GHSA-48c2-rrv3-qjmp | 4.3  | npm       | yaml            | 2.8.2   | 2.8.3         | yarn.lock         |
+-------------------------------------+------+-----------+-----------------+---------+---------------+-------------------+

(Truncated to last 2222 characters out of 3867)

❌ JAVASCRIPT / standard - 1 error

standard: Use JavaScript Standard Style (https://standardjs.com)
standard: Some warnings are present which will be errors in the next version (https://standardjs.com)
standard: Run `standard --fix` to automatically fix some problems.
  .dependency-cruiser.js:0:0: File ignored by default.  Use a negated ignore pattern (like "--ignore-pattern '!<relative/path/to/filename>'") to override. (null) (warning)
  src/assets/srd/index.js:1:13: Extra semicolon. (semi)
  src/assets/srd/index.js:4:43: Unexpected trailing comma. (comma-dangle)
  src/assets/srd/index.js:5:2: Extra semicolon. (semi)
  src/assets/srd/index.js:7:22: Extra semicolon. (semi)
  src/features/gm/npc_roster/npcs/_components/index.js:1:54: Extra semicolon. (semi)
  src/features/gm/npc_roster/npcs/_components/index.js:2:58: Extra semicolon. (semi)
  src/features/gm/npc_roster/npcs/_components/index.js:3:60: Extra semicolon. (semi)
  src/features/gm/npc_roster/npcs/_components/index.js:4:52: Extra semicolon. (semi)
  src/features/gm/npc_roster/npcs/_components/index.js:5:50: Extra semicolon. (semi)
  src/features/gm/npc_roster/npcs/_components/index.js:12:17: Unexpected trailing comma. (comma-dangle)
  src/features/gm/npc_roster/npcs/_components/index.js:13:2: Extra semicolon. (semi)

❌ CSS / stylelint - 206 errors

color-hex-length
  339:3   ✖  Expected empty line before rule                              rule-empty-line-before
  342:3   ✖  Expected empty line before rule                              rule-empty-line-before
  345:3   ✖  Expected empty line before rule                              rule-empty-line-before
  347:16  ✖  Expected "#ff0000" to be "#f00"                              color-hex-length
  348:17  ✖  Expected "#00ffff" to be "#0ff"                              color-hex-length
  350:3   ✖  Expected empty line before rule                              rule-empty-line-before
  352:17  ✖  Expected "#ff0000" to be "#f00"                              color-hex-length
  353:15  ✖  Expected "#00ffff" to be "#0ff"                              color-hex-length
  355:3   ✖  Expected empty line before rule                              rule-empty-line-before
  357:16  ✖  Expected "#ff0000" to be "#f00"                              color-hex-length
  358:16  ✖  Expected "#00ffff" to be "#0ff"                              color-hex-length
  360:3   ✖  Expected empty line before rule                              rule-empty-line-before
  362:15  ✖  Expected "#ff0000" to be "#f00"                              color-hex-length
  363:16  ✖  Expected "#00ffff" to be "#0ff"                              color-hex-length
  365:3   ✖  Expected empty line before rule                              rule-empty-line-before
  375:16  ✖  Expected no quotes around "Roboto"                           font-family-name-quotes
  380:16  ✖  Expected no quotes around "Consolas"                         font-family-name-quotes
  403:1   ✖  Expected empty line before comment                           comment-empty-line-before
  410:1   ✖  Expected empty line before comment                           comment-empty-line-before
  417:1   ✖  Expected empty line before comment                           comment-empty-line-before
  424:1   ✖  Expected empty line before comment                           comment-empty-line-before
  431:1   ✖  Expected empty line before comment                           comment-empty-line-before

✖ 206 problems (206 errors, 0 warnings)
  179 errors potentially fixable with the "--fix" option.

(Truncated to last 2222 characters out of 19605)

❌ REPOSITORY / trivy - 1 error

HIGH     │ affected │ 2.0.2             │                        │ expr-eval does not restrict functions passed to the evaluate │
│           │                │          │          │                   │                        │ function                                                     │
│           │                │          │          │                   │                        │ https://avd.aquasec.com/nvd/cve-2025-12735                   │
│           ├────────────────┤          │          │                   ├────────────────────────┼──────────────────────────────────────────────────────────────┤
│           │ CVE-2025-13204 │          │          │                   │                        │ expr-eval vulnerable to Prototype Pollution                  │
│           │                │          │          │                   │                        │ https://avd.aquasec.com/nvd/cve-2025-13204                   │
├───────────┼────────────────┼──────────┤          ├───────────────────┼────────────────────────┼──────────────────────────────────────────────────────────────┤
│ quill     │ CVE-2025-15056 │ LOW      │          │ 2.0.3             │                        │ Quill is vulnerable to XSS via HTML export feature           │
│           │                │          │          │                   │                        │ https://avd.aquasec.com/nvd/cve-2025-15056                   │
├───────────┼────────────────┼──────────┼──────────┼───────────────────┼────────────────────────┼──────────────────────────────────────────────────────────────┤
│ uuid      │ CVE-2026-41907 │ MEDIUM   │ fixed    │ 11.1.0            │ 11.1.1, 12.0.1, 13.0.1 │ uuid: uuid: Out-of-bounds write vulnerability impacts data   │
│           │                │          │          │                   │                        │ integrity and confidentiality                                │
│           │                │          │          │                   │                        │ https://avd.aquasec.com/nvd/cve-2026-41907                   │
└───────────┴────────────────┴──────────┴──────────┴───────────────────┴────────────────────────┴──────────────────────────────────────────────────────────────┘

(Truncated to last 2222 characters out of 16346)

❌ TYPESCRIPT / ts-standard - 1 error

xtra semicolon. (@typescript-eslint/semi)
  src/util/scrollTo.ts:11:54: Extra semicolon. (@typescript-eslint/semi)
  src/util/scrollTo.ts:14:2: Extra semicolon. (@typescript-eslint/semi)
  src/util/scrollTo.ts:16:24: Extra semicolon. (@typescript-eslint/semi)
  src/util/tierFormat.ts:6:8: Unexpected string value in conditional. An explicit empty string check is required. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:10:7: Unexpected nullable object value in conditional. An explicit null check is required. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:12:11: Unexpected nullable number value in conditional. Please handle the nullish/zero/NaN cases explicitly. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:22:8: Unexpected string value in conditional. An explicit empty string check is required. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:24:8: Unexpected nullable number value in conditional. Please handle the nullish/zero/NaN cases explicitly. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:37:8: Unexpected string value in conditional. An explicit empty string check is required. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:42:8: Unexpected string value in conditional. An explicit empty string check is required. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:42:16: Unexpected number value in conditional. An explicit zero/NaN check is required. (@typescript-eslint/strict-boolean-expressions)
  src/util/tierFormat.ts:42:29: Unexpected string value in conditional. An explicit empty string check is required. (@typescript-eslint/strict-boolean-expressions)
  src/vite-env.d.ts:1:1: Do not use a triple slash reference for vite/client, use `import` style instead. (@typescript-eslint/triple-slash-reference)
  src/vite-env.d.ts:2:1: Do not use a triple slash reference for vite-plugin-pwa/client, use `import` style instead. (@typescript-eslint/triple-slash-reference)
  src/vite-env.d.ts:3:1: Do not use a triple slash reference for vite/client, use `import` style instead. (@typescript-eslint/triple-slash-reference)

(Truncated to last 2222 characters out of 1408200)

❌ ACTION / zizmor - 1 error

INFO zizmor: 🌈 zizmor v1.25.0
fatal: no audit was performed
'ref-confusion' audit failed on file://.github/workflows/mega-linter.yml

Caused by:
    0: error in 'ref-confusion' audit
    1: couldn't list branches for actions/checkout
    2: request error while accessing GitHub API
    3: HTTP status client error (401 Unauthorized) for url (https://github.com/actions/checkout.git/git-upload-pack)


[ZizmorLinter] Zizmor failed to reach the GitHub API.
To allow zizmor to use GITHUB_TOKEN, add the following to your .mega-linter.yml:
ACTION_ZIZMOR_UNSECURED_ENV_VARIABLES:
  - GITHUB_TOKEN

⚠️ MARKDOWN / markdown-table-formatter - 1 error

3 files contain markdown tables to format:
- ARCHITECTURE.md
- CONTRIBUTING.md
- README.md

⚠️ MARKDOWN / markdownlint - 5 errors

.github/pull_request_template.md:1 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "## Description"]
CODE_OF_CONDUCT.md:58:77 error MD034/no-bare-urls Bare URL used [Context: "compcon@massifpress.com"]
CODE_OF_CONDUCT.md:71:14 error MD034/no-bare-urls Bare URL used [Context: "https://www.contributor-covena..."]
CODE_OF_CONDUCT.md:76:1 error MD034/no-bare-urls Bare URL used [Context: "https://www.contributor-covena..."]
CONTRIBUTING.md:186 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]

⚠️ JSON / prettier - 1 error

Checking formatting...
[warn] src/io/assets/artistmap.json
[warn] src/user/achievements/achievementsDict.json
[warn] src/user/achievements/eventParameterMap.json
[warn] Code style issues found in 3 files. Run Prettier with --write to fix.

⚠️ YAML / prettier - 1 error

Checking formatting...
[warn] .github/workflows/mega-linter.yml
[warn] .mega-linter.yml
[warn] Code style issues found in 2 files. Run Prettier with --write to fix.

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.5.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,ACTION_ZIZMOR,COPYPASTE_JSCPD,CSS_STYLELINT,HTML_DJLINT,HTML_HTMLHINT,JAVASCRIPT_ES,JAVASCRIPT_STANDARD,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_OSV_SCANNER,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,SPELL_LYCHEE,TYPESCRIPT_ES,TYPESCRIPT_STANDARD,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository