fix: Security updates#159
StepSecurity Required Checks
Finished StepSecurity Required Checks
- PyPI Compromised Packages Check - Checks for compromised PyPI package versions in the PR
- Pwn Request Vulnerabilities Check - Checks for Pwn Request vulnerabilities in the PR via risky triggers
- NPM Package Cooldown Check - Fails if any package version in the PR was released within the configured cooldown period, helping to avoid brand-new (and potentially unreviewed or malicious) releases
- PyPI Package Cooldown Check - Fails if any PyPI package version in the PR was released within the configured cooldown period
- Maven Compromised Packages Check - Checks for compromised Maven package versions in the PR
- Maven Package Cooldown Check - Fails if any Maven package version in the PR was released within the configured cooldown period
- Script Injection Check - Checks for script injection vulnerabilities in the PR
- NPM Compromised Packages Check - Checks for compromised npm package versions in the PR
Details
✅ Script Injection Vulnerabilities Check
No Script Injection vulnerabilities found in this PR.
✅ Maven Package Cooldown Check
No Maven package upgrades to recent releases found in current PR.
✅ PyPI Compromised Packages Check
No compromised PyPI package versions found in current PR.
✅ Maven Compromised Packages Check
No compromised Maven package versions found in current PR.
✅ Pwn Request Vulnerabilities Check
No Pwn Request vulnerabilities found in this PR.
✅ PyPI Package Cooldown Check
No PyPI package upgrades to recent releases found in current PR.
✅ NPM Package Cooldown Check
No npm package upgrades to recent releases found in current PR.
The following npm packages are inspected in current PR
| Package Name | Previous Version | Current Version | file | Current Version Release Date |
|---|---|---|---|---|
| form-data | 4.0.6 | package-lock.json | 2026-06-12T17:37:53Z | |
| hasown | 2.0.2 | 2.0.4 | package-lock.json | 2026-05-28T18:11:39Z |
✅ NPM Compromised Packages Check
No Compromised npm packages are added in current PR.
⏲️ History
Previous invocation results of same check:
✅ PyPI Compromised Packages Check
No compromised PyPI package versions found in current PR.
✅ Script Injection Vulnerabilities Check
No Script Injection vulnerabilities found in this PR.
✅ PyPI Package Cooldown Check
No PyPI package upgrades to recent releases found in current PR.
✅ Pwn Request Vulnerabilities Check
No Pwn Request vulnerabilities found in this PR.
✅ Maven Compromised Packages Check
No compromised Maven package versions found in current PR.
✅ Maven Package Cooldown Check
No Maven package upgrades to recent releases found in current PR.
✅ NPM Package Cooldown Check
No npm package upgrades to recent releases found in current PR.
The following npm packages are inspected in current PR
| Package Name | Previous Version | Current Version | file | Current Version Release Date |
|---|---|---|---|---|
| form-data | 4.0.6 | package-lock.json | 2026-06-12T17:37:53Z | |
| hasown | 2.0.2 | 2.0.4 | package-lock.json | 2026-05-28T18:11:39Z |
✅ NPM Compromised Packages Check
No Compromised npm packages are added in current PR.