Staging --> master by abhishek305 · Pull Request #256 · contentstack/gatsby-source-contentstack

abhishek305 · 2026-03-31T09:11:17Z

Changes:

staging to master

fix: security issues

github-actions · 2026-03-31T09:11:57Z

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	1	10	✅ Passed
🟠 High Severity	1	2	25	✅ Passed
🟡 Medium Severity	1	13	500	✅ Passed
🔵 Low Severity	0	2	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	1	1	30 / 120 days	❌ Failed / ⚠️ Warning
🟡 Medium	0	4	90 / 365 days	⚠️ Warning
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 1 issue(s) that have exceeded the 30-day SLA threshold:

Command Injection
- ID: SNYK-JS-PNPMNPMCONF-14897556
- Package: @pnpm/npm-conf@2.3.1
- Published: 81 days ago (SLA: 30 days)
- CVSS Score: 7
- CVE: CVE-2025-69262

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

Critical without fixes: 1
High without fixes: 2
Medium without fixes: 13
Low without fixes: 2

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

github-actions · 2026-03-31T09:12:02Z

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	1	10	✅ Passed
🟠 High Severity	1	2	25	✅ Passed
🟡 Medium Severity	1	13	500	✅ Passed
🔵 Low Severity	0	2	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	1	1	30 / 120 days	❌ Failed / ⚠️ Warning
🟡 Medium	0	4	90 / 365 days	⚠️ Warning
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 1 issue(s) that have exceeded the 30-day SLA threshold:

Command Injection
- ID: SNYK-JS-PNPMNPMCONF-14897556
- Package: @pnpm/npm-conf@2.3.1
- Published: 81 days ago (SLA: 30 days)
- CVSS Score: 7
- CVE: CVE-2025-69262

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

Critical without fixes: 1
High without fixes: 2
Medium without fixes: 13
Low without fixes: 2

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

github-actions · 2026-03-31T10:11:39Z

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	1	10	✅ Passed
🟠 High Severity	1	2	25	✅ Passed
🟡 Medium Severity	1	13	500	✅ Passed
🔵 Low Severity	0	2	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	1	1	30 / 120 days	❌ Failed / ⚠️ Warning
🟡 Medium	0	4	90 / 365 days	⚠️ Warning
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 1 issue(s) that have exceeded the 30-day SLA threshold:

Command Injection
- ID: SNYK-JS-PNPMNPMCONF-14897556
- Package: @pnpm/npm-conf@2.3.1
- Published: 81 days ago (SLA: 30 days)
- CVSS Score: 7
- CVE: CVE-2025-69262

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

Critical without fixes: 1
High without fixes: 2
Medium without fixes: 13
Low without fixes: 2

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

github-actions · 2026-03-31T10:27:47Z

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	1	10	✅ Passed
🟠 High Severity	0	2	25	✅ Passed
🟡 Medium Severity	1	13	500	✅ Passed
🔵 Low Severity	0	2	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	15 / 30 days	✅ Passed
🟠 High	1	30 / 120 days	⚠️ Warning
🟡 Medium	4	90 / 365 days	⚠️ Warning
🔵 Low	0	180 / 365 days	✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

Critical without fixes: 1
High without fixes: 2
Medium without fixes: 13
Low without fixes: 2

⚠️ BUILD PASSED WITH WARNINGS - SLA breaches detected for issues without available fixes

Consider reviewing these vulnerabilities when fixes become available.

rahul-contentstack

LGTM!

abhishek305 added 2 commits March 29, 2026 15:59

fix: security issues

f648ca2

Merge pull request #255 from contentstack/MKT-17439

5a1f2dd

fix: security issues

abhishek305 requested a review from a team as a code owner March 31, 2026 09:11

Merge branch 'master' into staging

a844225

Amitkanswal previously approved these changes Mar 31, 2026

View reviewed changes

abhishek305 closed this Mar 31, 2026

abhishek305 reopened this Mar 31, 2026

fix: SLA checks

ce72597

abhishek305 dismissed Amitkanswal’s stale review via ce72597 March 31, 2026 10:27

abhishek305 requested a review from Amitkanswal March 31, 2026 11:03

Amitkanswal approved these changes Mar 31, 2026

View reviewed changes

rahul-contentstack approved these changes Mar 31, 2026

View reviewed changes

abhishek305 merged commit a7a08f4 into master Mar 31, 2026
8 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Staging --> master#256

Staging --> master#256
abhishek305 merged 4 commits intomasterfrom
staging

abhishek305 commented Mar 31, 2026

Uh oh!

github-actions bot commented Mar 31, 2026

Uh oh!

github-actions bot commented Mar 31, 2026

Uh oh!

github-actions bot commented Mar 31, 2026

Uh oh!

github-actions bot commented Mar 31, 2026

Uh oh!

rahul-contentstack left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

abhishek305 commented Mar 31, 2026

Uh oh!

github-actions bot commented Mar 31, 2026

🔒 Security Scan Results

⏱️ SLA Breach Summary

🟠 High Severity - SLA Breached Issues (with fixes)

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

Uh oh!

github-actions bot commented Mar 31, 2026

🔒 Security Scan Results

⏱️ SLA Breach Summary

🟠 High Severity - SLA Breached Issues (with fixes)

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

Uh oh!

github-actions bot commented Mar 31, 2026

🔒 Security Scan Results

⏱️ SLA Breach Summary

🟠 High Severity - SLA Breached Issues (with fixes)

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

Uh oh!

github-actions bot commented Mar 31, 2026

🔒 Security Scan Results

⏱️ SLA Breach Summary

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

Uh oh!

rahul-contentstack left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants