Skip to content

kubeflow-centraldashboard/1.9.1 package update #29939

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 3, 2024
Merged

kubeflow-centraldashboard/1.9.1 package update #29939

merged 1 commit into from
Oct 3, 2024

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Oct 2, 2024

@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. labels Oct 2, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 2, 2024

Package kubeflow-centraldashboard: Click to expand/collapse

Package kubeflow-centraldashboard:

.PKGINFO metadata:

  (
  	"""
  	# Generated by melange
  	pkgname = kubeflow-centraldashboard
- 	pkgver = 1.9.0-r4
+ 	pkgver = 1.9.1-r0
  	arch = x86_64
- 	size = 110445067
+ 	size = 110445313
  	origin = kubeflow-centraldashboard
  	pkgdesc = Landing page and central dashboard for Kubeflow deployments
  	url = 
- 	commit = 21d880cf7120e9d8f623829fec4eeb3c4d7fc8e9
- 	builddate = 1727160479
+ 	commit = 47b9e6b0c21d33e75786fa63e245eea6aef1f0e9
+ 	builddate = 1727902246
  	license = MIT
  	depend = npm
- 	datahash = cab79c3d1cb51b9ac370f4dad0f3c5bc541a90dd1347d7eed2355d637e386105
+ 	datahash = 05d00828b1c0b269ee9e47cda977112494c83997dc2b3bb35f48a9222f374ecf
  	"""
  )

Added: /app/node_modules/.cache/terser-webpack-plugin/content-v2/sha512/4c/f3/9a186c02c17719e0d751c32d0069b895e52dd687f6a43818b81109131ef25aa50c06f52fb1ba1a9b4180da0d07e73a74a64b9a2ce30ab50ea973b626754a
Added: /app/node_modules/.cache/terser-webpack-plugin/index-v5/cf/29/c8da48d70c1705aa789a5245c38d84d42f45880b92447c564d5c01f878a6
Modified: /app/dist/public/app.bundle.js
Modified: /app/dist/public/app.bundle.js.map
Modified: /app/manifests/base/kustomization.yaml
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/24/94/e3866be52743737b298c37190204540e0b724adf0e2de65f3eed9b71be6f
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/70/59/429d7982ec7a222d1688f462d9316b8ce5a4cecb6468bbe1e0232981ecef
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/71/bf/b63e2ad3467a08afb41242c6ece94f0941534f0b4490d11728e12bef0cad
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/76/4b/633de1f377cc75683cffd7e8236115fde83077880041767c62b0d642dbdc
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/85/3c/4e5b34e5287a788bc7ca3e02eb376db63a0b6847b0f62c8bf3be52e7aacf
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/be/bb/e2c0d38cd6c9c461b03fd765c7d73aad1eef99e92072c35cd794b136f2c1
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/c2/ff/7248ad9b6d0c0cf52cef69f0ee0597ff33ea3c757abdaa547b0776de447e
Modified: /app/node_modules/.cache/terser-webpack-plugin/index-v5/e9/47/e87753b518703fe552c26efdee8bc0b98ccb089e97c1e82c27683838197b
Deleted: /app/node_modules/.cache/terser-webpack-plugin/content-v2/sha512/a8/72/0706739e9889d1b9d72a12739374fd24031a2fd08bcca94f5c5461272bbe9d9c91af9aade4dbdb5ad077e9965be5bb51dbad66deda258695c825d4520abd
Deleted: /app/node_modules/.cache/terser-webpack-plugin/index-v5/7a/a2/0828de6d7eab73c9a27fc7f9787d910a3bd167e90cb95fc44723381d2542

malcontent found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/chartjs-plugin-crosshair/dist/www/gitbook/theme.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/punycode/punycode.es6.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/sha512.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/punycode/punycode.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/tar/lib/winchars.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/dist/protobuf.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@protobufjs/base64/tests/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@polymer/iron-input/iron-input.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@polymer/iron-a11y-keys-behavior/iron-a11y-keys-behavior.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_inline/emphasis.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/iconv-lite/encodings/utf7.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_block/lheading.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/escodegen/escodegen.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/util.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/uri-js/dist/es5/uri.all.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@babel/polyfill/dist/polyfill.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_inline/strikethrough.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@types/node/buffer.d.ts

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/src/converter.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/dist/minimal/protobuf.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@protobufjs/utf8/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_block/list.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/make-win.ps1

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/espree/node_modules/acorn/dist/acorn.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/espree/node_modules/acorn/dist/acorn.mjs

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/catharsis/lib/parser.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/tweetnacl/nacl.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/base64-js/test/convert.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@kubernetes/client-node/node_modules/js-yaml/lib/loader.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/google-auth-library/build/src/auth/googleauth.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/dist/light/protobuf.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/dist/public/app.bundle.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/mdurl/encode.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/object-hash/dist/object_hash.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/gtoken/build/src/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@babel/polyfill/dist/polyfill.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/fast-text-encoding/text.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/client/library.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/client/library.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/xmlcreate/lib/validate.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/chartjs-plugin-crosshair/dist/docs/gitbook/theme.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/client/core.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/dist/markdown-it.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/ed25519.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/tweetnacl/nacl.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/marked/lib/marked.umd.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/src/util/longbits.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/rc2.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/common/utils.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/qs/test/stringify.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/md5.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/marked/src/helpers.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@kubernetes/client-node/node_modules/js-yaml/lib/dumper.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/tweetnacl/nacl.d.ts

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/tweetnacl/nacl-fast.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/@babel/parser/lib/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/psl/dist/psl.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@protobufjs/base64/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/ajv/dist/ajv.bundle.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/lodash/lodash.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/dist/protobuf.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/kem.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/x509.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/asn1.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/pss.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/sha1.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/jose/dist/browser/runtime/base64url.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/chartjs-plugin-crosshair/dist/www/gitbook/gitbook.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/esprima/dist/esprima.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/sshpk/lib/fingerprint.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/chartjs-plugin-crosshair/dist/docs/gitbook/gitbook.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/openid-client/lib/helpers/client.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_core/smartquotes.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/openid-client/node_modules/object-hash/dist/object_hash.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/uri-js/dist/es5/uri.all.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/dist/forge.all.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/request/lib/oauth.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/acorn/dist/acorn.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/qs/lib/parse.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/getpass/lib/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/client/core.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/modules/es6.string.from-code-point.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/fast-text-encoding/text.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/dist/forge.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/brace-expansion/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/psl/dist/psl.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/uri-js/dist/esnext/uri.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/prng.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/jsdoc/templates/default/static/scripts/prettify/prettify.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@polymer/app-layout/demo/sample-content.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/marked/lib/marked.esm.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/des.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/mdurl/decode.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@polymer/iron-menu-behavior/iron-menu-behavior.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/sshpk/lib/private-key.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/dist/markdown-it.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/client/shim.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/json-bigint/lib/parse.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_block/fence.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/bcrypt-pbkdf/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/library/modules/es6.string.from-code-point.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_block/hr.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/core-js/client/shim.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/content-disposition/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/marked/marked.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/ajv/dist/ajv.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/acorn-jsx/index.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/esutils/lib/code.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/google-gax/node_modules/google-auth-library/build/src/crypto/browser/crypto.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/lodash/keyBy.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/dist/light/protobuf.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/markdown-it/lib/rules_inline/state_inline.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/sha256.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@kubernetes/client-node/node_modules/js-yaml/dist/js-yaml.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@kubernetes/client-node/node_modules/js-yaml/dist/js-yaml.min.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/iconv-lite/encodings/sbcs-codec.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@vaadin/vaadin-grid/src/vaadin-grid-sorter.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/qs/dist/qs.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/aes.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/@babel/polyfill/browser.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/cli/node_modules/entities/lib/decode_codepoint.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/node-forge/lib/pkcs1.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/tweetnacl/nacl-fast.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/iconv-lite/encodings/internal.js

Changed: /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/app/node_modules/protobufjs/dist/minimal/protobuf.min.js

Moved: kubeflow-centraldashboard/var/lib/db/sbom/kubeflow-centraldashboard-1.9.0-r4.spdx.json -> /tmp/wolfictl-apk-4033625415/kubeflow-centraldashboard/var/lib/db/sbom/kubeflow-centraldashboard-1.9.1-r0.spdx.json (similarity: 0.99)

@octo-sts octo-sts bot added the bincapz/blocking Bincapz (aka malcontent) scan results detected CRITICALs on the packages. label Oct 2, 2024
@octo-sts Octo STS
Copy link
Contributor Author

octo-sts bot commented Oct 2, 2024

malcontent detected files with a risk score equal or higher than 'CRITICAL': Click to expand/collapse

/tmp/malcontent2412547811/packages/x86_64/kubeflow-centraldashboard-1.9.1-r0.apk/app/make-win.ps1 [🚨 CRITICAL]

RISK KEY DESCRIPTION EVIDENCE
HIGH 3P/InQuest-VT/base64/powershell/directives This signature detects base64 encoded Powershell directives., by InQuest Labs ICBXcml0ZS1Ib3N0I
VGVzdC1QYXRoI
CRITICAL 3P/secuinfra/susp/powershell/base64 Detects PowerShell code to decode Base64 data, by SECUINFRA Falcon Team [System.Convert]::FromBase64String(

/tmp/malcontent2412547811/packages/x86_64/kubeflow-centraldashboard-1.9.1-r0.apk/app/node_modules/google-gax/node_modules/google-auth-library/build/src/auth/googleauth.js [🚨 CRITICAL]

RISK KEY DESCRIPTION EVIDENCE
CRITICAL combo/stealer/crypto steals private cryptographic data POST
http://www.apache.org/licenses/LICENSE-2.0
https://cloud.google.com/docs/authentication/getting-started
microsoft/TypeScript#5228
https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/
private_key

/tmp/malcontent2412547811/packages/x86_64/kubeflow-centraldashboard-1.9.1-r0.apk/app/node_modules/google-gax/node_modules/gtoken/build/src/index.js [🚨 CRITICAL]

RISK KEY DESCRIPTION EVIDENCE
CRITICAL combo/stealer/crypto steals private cryptographic data POST
https://accounts.google.com/o/oauth2/revoke?token=
https://opensource.org/licenses/MIT
https://www.googleapis.com/oauth2/v4/token
privateKey
private_key

/tmp/malcontent2412547811/packages/x86_64/kubeflow-centraldashboard-1.9.1-r0.apk/app/node_modules/openid-client/lib/helpers/client.js [🚨 CRITICAL]

RISK KEY DESCRIPTION EVIDENCE
CRITICAL combo/stealer/crypto steals private cryptographic data POST
panva/openid-client@5a2ea80ef5e59ec0c03dbd
panva/openid-client#91
https://tools.ietf.org/html/rfc6749
private_key

@mamccorm mamccorm merged commit 27a6831 into main Oct 3, 2024
15 checks passed
@mamccorm mamccorm deleted the wolfictl-c6809312-3685-440b-8a90-7fc8c9c0d260 branch October 3, 2024 09:56
@egibs
Copy link
Member

egibs commented Oct 3, 2024

Retroactive approval comment --

Similar to recent findings, the malcontent finding is a false-positive. We've since tuned the offending rule and it will go live when we cut a new release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@egibs egibs egibs approved these changes

@mamccorm mamccorm mamccorm approved these changes

Assignees
No one assigned
Labels
automated pr bincapz/blocking Bincapz (aka malcontent) scan results detected CRITICALs on the packages. P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-version-update request for a newer version of a package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@egibs @mamccorm @wolfi-bot