Receipt a5fc63f18baa — feat(ci): backfill receipts script for wave 3 dogfood (#256)

AI slop detector slop · passed

Doc claims check doc-claims · passed

Semgrep patterns semgrep · passed

Trivy dependency scan trivy · passed

warningbun.lock — @hono/[email protected]: @hono/node-server: Middleware bypass via repeated slashes in serveStatic (fix: 1.19.13)

warningbun.lock — [email protected]: Astro: XSS in define:vars via incomplete </script> tag sanitization (fix: 6.1.6)

warningbun.lock — [email protected]: Hono: Middleware bypass via repeated slashes in serveStatic (fix: 4.12.12)

warningbun.lock — [email protected]: Hono: Path traversal in toSSG() allows writing files outside the output directory (fix: 4.12.12)

warningbun.lock — [email protected]: Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses (fix: 4.12.12)

warningbun.lock — [email protected]: Hono: Non-breaking space prefix bypass in cookie name handling in getCookie() (fix: 4.12.12)

warningbun.lock — [email protected]: Hono missing validation of cookie name on write path in setCookie() (fix: 4.12.12)

warningbun.lock — [email protected]: hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR (fix: 4.12.14)

warningbun.lock — [email protected]: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output (fix: 8.5.10)

Secret scan secretlint · passed

SonarQube static analysis sonar · passed

Mutation testing stryker · skipped

Diff coverage diff-cover · passed

Biome lint + format biome · passed

warning.maina/wiki/.signals.json:1 — File has 25127 lines (exceeds 500 line limit). Consider splitting.

Code quality review review-quality · skipped

feat(ci): backfill receipts script for wave 3 dogfood (#256)