[Snyk] Security upgrade debian from stretch-20210408-slim to 9-slim

[dotam99]

This PR was automatically created by Snyk using the credentials of a real user.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

• content/actions/creating-actions/dockerfile-support-for-github-actions.md

We recommend upgrading to debian:9-slim, as this image has only 86 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Severity	Priority Score / 1000	Issue	Exploit Maturity
	436	CVE-2022-1664 SNYK-DEBIAN9-DPKG-2847943	No Known Exploit
	514	Use of a Broken or Risky Cryptographic Algorithm SNYK-DEBIAN9-LIBGCRYPT20-1582895	No Known Exploit
	500	Out-of-bounds Write SNYK-DEBIAN9-LZ4-1277599	No Known Exploit
	514	Loop with Unreachable Exit Condition ('Infinite Loop') SNYK-DEBIAN9-TAR-312293	No Known Exploit
	511	Out-of-bounds Write SNYK-DEBIAN9-ZLIB-2433935	No Known Exploit

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[guardrails]

⚠️ We detected 921 security issues in this pull request:

Mode: paranoid | Total findings: 921 | Considered vulnerability: 921

Insecure File Management (206)

Docs	Details
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/all-products.js Line 9 in e6a4ced const { data } = frontmatter(fs.readFileSync(homepage, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/all-products.js Line 20 in e6a4ced if (!fs.existsSync(dir)) return
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/all-products.js Line 23 in e6a4ced const { data } = frontmatter(fs.readFileSync(toc, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/built-asset-urls.js Line 7 in e6a4ced const buffer = fs.readFileSync(absFilePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/data-directory.js Line 44 in e6a4ced filename => [filename, fs.readFileSync(filename, 'utf8')]
💡	Title: Use of non-literal require, Severity: High docs/lib/instrument-middleware.js Line 8 in e6a4ced const middleware = require(path.resolve(__dirname, '../middleware', relativePath))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/layouts.js Line 14 in e6a4ced const content = fs.readFileSync(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 19 in e6a4ced if (!fs.existsSync(path.join(dist, 'react'))) {
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 20 in e6a4ced fs.mkdirSync(path.join(dist, 'react'), { recursive: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 22 in e6a4ced const content = transform(fs.readFileSync(file.path, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 23 in e6a4ced fs.writeFileSync(path.join(dist, file.path), content)
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/readfile-async.js Line 6 in e6a4ced module.exports = util.promisify(fs.readFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/rest/index.js Line 6 in e6a4ced fs.readdirSync(schemasPath)
💡	Title: Use of non-literal require, Severity: High docs/lib/rest/index.js Line 9 in e6a4ced const value = require(path.join(schemasPath, filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/lunr-get-index-names.js Line 5 in e6a4ced return await fs.readdir(path.join(__dirname, 'indexes'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/lunr-search-index.js Line 78 in e6a4ced .then(content => fs.writeFile(
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/lunr-search-index.js Line 88 in e6a4ced .then(content => fs.writeFile(
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/sync.js Line 80 in e6a4ced fs.writeFileSync(cacheFile, JSON.stringify(index, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/sync.js Line 100 in e6a4ced fs.writeFileSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/webhooks/index.js Line 11 in e6a4ced const versions = fs.readdirSync(staticDir)
💡	Title: Use of non-literal require, Severity: High docs/lib/webhooks/index.js Line 22 in e6a4ced set(payloadsPerVersion, payloadPath, formatAsJsonCodeBlock(require(payloadFile)))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/clone-for-build.js Line 123 in e6a4ced if (fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 41 in e6a4ced dirStats = fs.statSync(earlyAccessLocalRepoDir)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 86 in e6a4ced if (!fs.existsSync(sourceDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 92 in e6a4ced fs.symlinkSync(sourceDir, destDir, 'junction')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 95 in e6a4ced if (!fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 98 in e6a4ced if (!fs.lstatSync(destDir).isSymbolicLink()) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 101 in e6a4ced if (!fs.statSync(destDir).isDirectory()) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 37 in e6a4ced if (!fs.existsSync(earlyAccessContentAndDataFiles)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 51 in e6a4ced const oldContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 111 in e6a4ced fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 131 in e6a4ced if (!fs.existsSync(variablePath)) return false
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 134 in e6a4ced const variableFileContent = yaml.safeLoad(fs.readFileSync(variablePath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 148 in e6a4ced return fs.existsSync(`${path.posix.join(earlyAccessData, reusablePath)}.md`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 158 in e6a4ced return fs.existsSync(path.posix.join(earlyAccessImages, imagePath))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 89 in e6a4ced await fs
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 115 in e6a4ced if (!fs.existsSync(fullPathToArchivalRepo)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 143 in e6a4ced fs.mkdirSync(finalDirectory, { recursive: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 166 in e6a4ced fs.renameSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 200 in e6a4ced fs.writeFileSync(path.posix.join(finalDirectory, 'redirects.json'), JSON.stringify(redirectsPerVersion, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/remove-static-files.js Line 41 in e6a4ced fs.readdirSync(dir)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-deprecations/remove-version-markup.js Line 65 in e6a4ced require(path.join(process.cwd(), removeUnusedAssetsScript))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/remove-version-markup.js Line 73 in e6a4ced const oldContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/remove-version-markup.js Line 103 in e6a4ced fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 45 in e6a4ced if (!fs.existsSync(newSchemaFile)) {
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 55 in e6a4ced const previews = require(previewsFile)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 56 in e6a4ced const changes = require(changesFile)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 57 in e6a4ced const objects = require(objectsFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 85 in e6a4ced fs.writeFileSync(previewsFile, JSON.stringify(previews, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 86 in e6a4ced fs.writeFileSync(changesFile, JSON.stringify(changes, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 87 in e6a4ced fs.writeFileSync(objectsFile, JSON.stringify(objects, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 95 in e6a4ced fs.readdirSync(srcDir).forEach(file => {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 102 in e6a4ced if (!fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 107 in e6a4ced if (!fs.readdirSync(destDir).length) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 50 in e6a4ced if (!fs.existsSync(oldDereferencedFile)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 55 in e6a4ced const oldDereferencedContent = fs.readFileSync(oldDereferencedFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 63 in e6a4ced fs.writeFileSync(newDereferencedFile, newDereferenceContent)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 66 in e6a4ced const dereferencedSchema = require(path.join(process.cwd(), newDereferencedFile))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 75 in e6a4ced fs.writeFileSync(newDecoratedFile, JSON.stringify(operations, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-webhook-files.js Line 45 in e6a4ced fs.readdirSync(srcDir).forEach(file => {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-webhook-files.js Line 52 in e6a4ced if (!fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-webhook-files.js Line 57 in e6a4ced if (!fs.readdirSync(destDir).length) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 99 in e6a4ced const dataContent = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 107 in e6a4ced fs.writeFileSync(file, newDataContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 113 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 136 in e6a4ced fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/release-banner.js Line 41 in e6a4ced const releaseCandidateData = yaml.safeLoad(fs.readFileSync(releaseCandidateYaml, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/release-banner.js Line 53 in e6a4ced fs.writeFileSync(releaseCandidateYaml, yaml.safeDump(releaseCandidateData))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/fix-translation-errors.js Line 94 in e6a4ced fs.writeFileSync(localisedAbsPath, toWrite)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/get-new-dotcom-path.js Line 30 in e6a4ced if (fs.existsSync(categoryDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/build-changelog.js Line 18 in e6a4ced const previousChangelogString = fs.readFileSync(targetPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/build-changelog.js Line 23 in e6a4ced fs.writeFileSync(targetPath, JSON.stringify(previousChangelog, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 74 in e6a4ced const previousUpcomingChanges = yaml.safeLoad(fs.readFileSync(upcomingChangesPath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 82 in e6a4ced const previousSchemaString = fs.readFileSync(schemaPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 192 in e6a4ced fs.writeFileSync(filepath, content, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 204 in e6a4ced fs.writeFileSync(tempSchemaFilePath, latestSchema)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 206 in e6a4ced fs.unlinkSync(tempSchemaFilePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/utils/prerender-input-objects.js Line 8 in e6a4ced const inputObjectIncludeFile = fs.readFileSync(path.join(includes, 'graphql-input-object.html'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/utils/prerender-objects.js Line 8 in e6a4ced const objectIncludeFile = fs.readFileSync(path.join(includes, 'graphql-object.html'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 30 in e6a4ced assert(fs.existsSync(oldCategoryDir), `directory does not exist: ${oldCategoryDir}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 50 in e6a4ced if (!fs.existsSync(productDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 67 in e6a4ced fs.writeFileSync(productTocPath, matter.stringify(content, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 72 in e6a4ced const tocContents = fs.readFileSync(oldProductTocPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 79 in e6a4ced fs.writeFileSync(oldProductTocPath, matter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 87 in e6a4ced const articleContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 99 in e6a4ced fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-reusables-to-markdown.js Line 28 in e6a4ced const fileContent = fs.readFileSync(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-reusables-to-markdown.js Line 35 in e6a4ced fs.writeFileSync(markdownFilename, value)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/purge-fastly-by-url.js Line 43 in e6a4ced if (batchFile && !fs.existsSync(batchFile)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/purge-fastly-by-url.js Line 54 in e6a4ced fs.readFileSync(batchFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 44 in e6a4ced const contents = fs.readFileSync(categoryIndex, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 81 in e6a4ced fs.writeFileSync(categoryIndex, frontmatter.stringify(content, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 84 in e6a4ced for (const articleFileName of fs.readdirSync(categoryDirPath)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 101 in e6a4ced const articleContents = fs.readFileSync(articlePath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 111 in e6a4ced fs.writeFileSync(articlePath, frontmatter.stringify(articleContent, articleData, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 119 in e6a4ced const productIndexContents = fs.readFileSync(productIndexPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 122 in e6a4ced fs.writeFileSync(productIndexPath, frontmatter.stringify(revisedProductIndex, productIndexData, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 127 in e6a4ced fs.renameSync(categoryDirPath, newPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-filenames-with-ids.js Line 37 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(oldFullPath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-filenames-with-ids.js Line 77 in e6a4ced fs.writeFileSync(newFullPath, frontmatter.stringify(content, data))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/remove-extraneous-translation-files.js Line 21 in e6a4ced fs.unlinkSync(file)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/remove-unused-assets.js Line 39 in e6a4ced : fs.unlinkSync(reusablePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/remove-unused-assets.js Line 50 in e6a4ced : fs.unlinkSync(imagePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-enterprise-dates.js Line 7 in e6a4ced const enterpriseDatesString = fs.readFileSync(enterpriseDatesFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-enterprise-dates.js Line 41 in e6a4ced fs.writeFileSync(enterpriseDatesFile, formattedDatesString)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-internal-links.js Line 66 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-internal-links.js Line 177 in e6a4ced fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-readme.js Line 43 in e6a4ced const readmeComment = fs.readFileSync(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-readme.js Line 78 in e6a4ced if (template === fs.readFileSync(readme, 'utf8')) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-readme.js Line 81 in e6a4ced fs.writeFileSync(readme, template)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 20 in e6a4ced const content = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 25 in e6a4ced fs.writeFileSync(file, newContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 30 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 62 in e6a4ced fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/category-pages.js Line 47 in e6a4ced const contents = fs.readFileSync(productIndex, 'utf8') // TODO move to async
💡	Title: Use of non-literal require, Severity: High docs/middleware/contextualizers/graphql.js Line 26 in e6a4ced schemaForCurrentVersion: require(`../../lib/graphql/static/schema-${graphqlVersion}`),
💡	Title: Use of non-literal require, Severity: High docs/middleware/contextualizers/webhooks.js Line 3 in e6a4ced const webhookPayloads = require(path.join(process.cwd(), 'lib/webhooks'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/backfill-missing-localizations.js Line 30 in e6a4ced if (!fs.existsSync(fullPath)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/backfill-missing-localizations.js Line 34 in e6a4ced fs.writeFileSync(fullPath, fs.readFileSync(englishFullPath))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/check-english-links.js Line 76 in e6a4ced fs.appendFileSync(logFile, JSON.stringify(result) + '\n')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/add-tags-to-articles.js Line 42 in e6a4ced const articleContents = fs.readFileSync(filePath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/add-tags-to-articles.js Line 61 in e6a4ced fs.writeFileSync(filePath, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 40 in e6a4ced if (fs.existsSync(existingFileToCompare)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 54 in e6a4ced const existingImageToCompare = await fs.readFileSync(existingFileToCompare)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 55 in e6a4ced const enterpriseImage = await fs.readFileSync(file)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 63 in e6a4ced if (compareResult === 0) fs.unlinkSync(file)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 29 in e6a4ced if (!fs.existsSync(existingFileToCompare)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 31 in e6a4ced if (!fs.existsSync(newDirectoryName)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 32 in e6a4ced fs.mkdirSync(newDirectoryName, { recursive: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 34 in e6a4ced fs.renameSync(file, existingFileToCompare)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-html-comments-from-index-files.js Line 12 in e6a4ced const newContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-html-comments-from-index-files.js Line 14 in e6a4ced fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 27 in e6a4ced let categoryIndexContent = fs.readFileSync(categoryIndexFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 55 in e6a4ced if (!fs.existsSync(oldTopicFile)) continue
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 57 in e6a4ced if (!fs.existsSync(newTopicDirectory)) fs.mkdirSync(newTopicDirectory)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 59 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(oldTopicFile, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 74 in e6a4ced if (!fs.existsSync(`${oldTopicDirectory}/${article}.md`)) return
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 78 in e6a4ced fs.renameSync(`${oldTopicDirectory}/${article}.md`, newArticlePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 81 in e6a4ced const articleContents = frontmatter(fs.readFileSync(newArticlePath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 85 in e6a4ced fs.writeFileSync(newArticlePath, frontmatter.stringify(articleContents.content.trim(), articleContents.data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 89 in e6a4ced fs.writeFileSync(`${newTopicDirectory}/index.md`, frontmatter.stringify(topicContent.trim(), data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 92 in e6a4ced fs.writeFileSync(categoryIndexFile, categoryIndexContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 95 in e6a4ced fs.unlinkSync(oldTopicFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 160 in e6a4ced if (fs.existsSync(imagePath)) fs.unlinkSync(imagePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 165 in e6a4ced if (fs.existsSync(imagePath)) fs.unlinkSync(imagePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 188 in e6a4ced fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 195 in e6a4ced fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 202 in e6a4ced fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 208 in e6a4ced fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 223 in e6a4ced fs.unlinkSync(path.join(process.cwd(), directoryImage))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-developer-site-links.js Line 30 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-developer-site-links.js Line 72 in e6a4ced fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-tocs.js Line 39 in e6a4ced const { data, content } = frontmatter(fs.readFileSync(indexFile, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-tocs.js Line 76 in e6a4ced fs.writeFileSync(indexFile, frontmatter.stringify('', data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/create-glossary-from-spreadsheet.js Line 14 in e6a4ced const glossary = yaml.safeLoad(fs.readFileSync(inputFile, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/create-glossary-from-spreadsheet.js Line 28 in e6a4ced fs.writeFileSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/script/create-glossary-from-spreadsheet.js Line 33 in e6a4ced fs.writeFileSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/clone-for-build.js Line 114 in e6a4ced if (!fs.existsSync(sourceDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/clone-for-build.js Line 120 in e6a4ced fs.renameSync(sourceDir, destDir)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 34 in e6a4ced assert(fs.existsSync(translationFilePath), `file does not exist: ${translationFilePath}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 38 in e6a4ced assert(fs.existsSync(englishFile), `file does not exist: ${englishFile}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 41 in e6a4ced const englishContent = fs.readFileSync(englishFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 42 in e6a4ced fs.writeFileSync(translationFilePath, englishContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 50 in e6a4ced const relativePath = fs.existsSync(pathArg)
💡	Title: Use of non-literal require, Severity: High docs/script/rest/openapi-check.js Line 24 in e6a4ced const schemas = files.map(filename => require(filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 11 in e6a4ced const schemas = fs.readdirSync(dereferencedPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 33 in e6a4ced if (!fs.existsSync(githubRepoDir)) {
💡	Title: Use of non-literal require, Severity: High docs/script/rest/update-files.js Line 78 in e6a4ced const schema = require(path.join(dereferencedPath, filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 80 in e6a4ced fs.writeFileSync(path.join(dereferencedPath, filename), JSON.stringify(schema, null, 2))
💡	Title: Use of non-literal require, Severity: High docs/script/rest/update-files.js Line 88 in e6a4ced const schema = require(path.join(dereferencedPath, filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 104 in e6a4ced fs.writeFileSync(filename, JSON.stringify(operations, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/standardize-frontmatter-order.js Line 30 in e6a4ced const { content, data } = matter(fs.readFileSync(fullPath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/standardize-frontmatter-order.js Line 36 in e6a4ced fs.writeFileSync(fullPath, matter.stringify(content, newData, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/test-render-translation.js Line 54 in e6a4ced const fileContents = await fs.promises.readFile(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/category-pages.js Line 54 in e6a4ced .filter(link => fs.existsSync(getPath(productDir, link, 'index')))
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/category-pages.js Line 99 in e6a4ced const childEntries = await fs.promises.readdir(categoryDir, { withFileTypes: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/gitignore.js Line 4 in e6a4ced const gitignore = fs.readFileSync(gitignorePath, 'utf8')
💡	Title: Use of non-literal require, Severity: High docs/tests/content/graphql.js Line 23 in e6a4ced const schemaJsonPerVersion = require(`../../lib/graphql/static/schema-${version}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/site-data-references.js Line 110 in e6a4ced await fs.stat(filepath)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/site-data.js Line 48 in e6a4ced await fs.writeFile(newFile, 'newvalue: bar')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/site-data.js Line 52 in e6a4ced await fs.unlink(newFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/graphql/build-changelog-test.js Line 126 in e6a4ced await fs.writeFile(testTargetPath, previousContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/helpers/crowdin-config.js Line 7 in e6a4ced return yaml.load(fs.readFileSync(filename, 'utf8'), { filename })
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/meta/orphan-tests.js Line 12 in e6a4ced const testDirectory = await fs.readdir(pathToTests)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/meta/orphan-tests.js Line 21 in e6a4ced await fs.stat(
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/rendering/rest.js Line 20 in e6a4ced const filenames = (await fs.readdir(referenceDir))
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/actions-workflows.js Line 7 in e6a4ced const workflows = fs.readdirSync(workflowsDir)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/actions-workflows.js Line 11 in e6a4ced const data = yaml.load(fs.readFileSync(fullpath, 'utf8'), { fullpath })
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/early-access.js Line 8 in e6a4ced expect(await fs.stat(eaDir)).toBeTruthy()
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/early-access.js Line 13 in e6a4ced expect(await fs.stat(eaDir)).toBeTruthy()
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/early-access.js Line 18 in e6a4ced expect(await fs.stat(eaDir)).toBeTruthy()
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/get-rss-feeds.js Line 6 in e6a4ced const rssFeedContent = fs.readFileSync(path.join(process.cwd(), 'tests/fixtures/rss-feed.xml'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/search/parse-page-sections-into-records.js Line 6 in e6a4ced pageWithSections: fs.readFileSync(path.join(__dirname, 'fixtures/page-with-sections.html'), 'utf8'),
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/search/parse-page-sections-into-records.js Line 7 in e6a4ced pageWithoutSections: fs.readFileSync(path.join(__dirname, 'fixtures/page-without-sections.html'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/search/topics.js Line 12 in e6a4ced const fileContent = fs.readFileSync(filename, 'utf8')
💡	Title: Path Traversal from user input, Severity: High docs/middleware/contextualizers/rest.js Line 14 in e6a4ced '/developers/apps'
💡	Title: Path Traversal from user input, Severity: High docs/lib/rewrite-local-links.js Line 40 in e6a4ced newHref = path.join('/', languageCode, href)
💡	Title: Path Traversal from user input, Severity: High docs/lib/rewrite-local-links.js Line 47 in e6a4ced newHref = path.join('/', languageCode, href)
💡	Title: Path Traversal from user input, Severity: High docs/middleware/early-access-breadcrumbs.js Line 63 in e6a4ced const mapTopicOrArticlePath = path.posix.join(categoryPath, pathParts[2])
💡	Title: Path Traversal from user input, Severity: High docs/middleware/early-access-breadcrumbs.js Line 50 in e6a4ced const categoryPath = removeFPTFromPath(path.posix.join('/', 'en', req.context.currentVersion, 'early-access', pathParts[0], pathParts[1]))
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 35 in e6a4ced title: product.title
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 49 in e6a4ced const categoryPath = removeFPTFromPath(path.posix.join('/', req.context.currentLanguage, req.context.currentVersion, productPath, pathParts[1]))
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 21 in e6a4ced const productPath = path.posix.join('/', req.context.currentProduct)
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 34 in e6a4ced href: removeFPTFromPath(path.posix.join('/', req.context.currentLanguage, req.context.currentVersion, productPath)),
💡	Title: Path Traversal from user input, Severity: High docs/middleware/archived-enterprise-versions-assets.js Line 22 in e6a4ced const proxyPath = path.join('/', requestedVersion, assetPath)
💡	Title: Path Traversal from user input, Severity: High docs/lib/get-link-data.js Line 37 in e6a4ced const href = removeFPTFromPath(path.join('/', context.currentLanguage, version, linkPath))

More info on how to fix Insecure File Management in JavaScript.

---

Insecure Use of Regular Expressions (34)

Docs	Details
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 12 in e6a4ced enterprise: /\/enterprise(?:\/|$|\?)(\d+\.\d+)?/,
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 13 in e6a4ced admin: /enterprise\/(\d+\.\d+\/)?admin\/?/,
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 14 in e6a4ced gheUser: /enterprise\/(\d+\.\d+\/)?user(\/|$|\?)/,
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 15 in e6a4ced enterpriseHomepage: /\/enterprise\/?(\d+\.\d+)?$/,

---

This comment has been truncated due to comment length limitations, please go to the dashboard for further details.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.