Release v2.11.0 #498

Merged
merged 5 commits into from
Feb 15, 2025
Conversation

varunsh-coder (Member)

No description provided.

Verified

This commit was signed with the committer’s verified signature.
nicolo-ribaudo Nicolò Ribaudo

@step-security-bot step-security-bot left a comment

Please find StepSecurity AI-CodeWise code comments below.

Code Comments

src/checksum.ts

  • [High] Update TLS checksum to latest version
    The current checksum for the TLS package is no longer valid or desirable and needs to be updated to the latest version, which would include security patches and fixes. Update the checksum for the TLS package to the latest version using the SHA-256 hashing function.
  • [Low] Remove unused import statement
    The import statement for the fs module is unused and should be removed to avoid bloat and potential conflicts. Remove the 'import * as fs from "fs";' statement from the code.

src/install-agent.ts

  • [High] Do not download packages from HTTP
    The code downloads a package from an HTTP URL, which can be intercepted and modified by an attacker. This could result in the installation of a malicious package. Change the HTTP URL to an HTTPS URL or use a secure package manager or repository.
  • [High] Verify package checksums
    The code does not verify the checksum of the downloaded package. This could result in the installation of a tampered package. Compute the checksum of the downloaded package and verify it against the expected checksum. If the checksums don't match, abort the installation process.
  • [Low] Bump package version
    The code downloads an older version of a package. Newer versions of packages often include security and bug fixes. Update the URL to the latest version of the package.

dist/pre/index.js

  • [High] Prefer using Hash and Cipher algorithms that are approved by NIST
    The checksum algorithm used in this code can be easily broken and does not adhere to NIST guidelines. Replace SHA-256 with SHA-3 or Blake2 hash algorithms as per NIST guidelines.
  • [High] Always use HTTPS while downloading the agent to prevent Man-in-the-middle attacks
    The download URL for the agent does not use HTTPS; this could potentially be exploited by an attacker who performs a Man-in-the-middle attack. Change the HTTP URL in the code to use HTTPS to avoid Man-in-the-middle attacks.
  • [High] The agent being downloaded should be signed using a checksum and verified before installation
    The code downloads the agent without verifying the authenticity of the agent being downloaded. This code must ensure that the agent is signed using a checksum and verified before installation. Implement verification of the agent signature using checksums before installing the agent.
  • [Medium] Use a library function to parse URL strings instead of manual parsing
    The code is manually parsing URL strings instead of using a library function. Users must not manually parse URLs, as they might miss edge cases and bugs; it is better to use a library function. Use a library function like url.parse() to parse URLs instead of manually parsing them.
  • [Medium] Remove unnecessary use of yield in the code, as it complicates the code and increases the overall performance time
    The code uses yield, which unnecessarily complicates the code and impacts the performance time. Remove yield and instead use asynchronous callback functions.
  • [Low] Use HTTPS instead of HTTP for the stepsecurity.io domain
    The download URL is using the HTTP protocol instead of HTTPS. This could potentially expose downloads to HTTP man-in-the-middle attacks. Use the HTTPS protocol instead of HTTP for the stepsecurity.io domain.

dist/pre/index.js.map

{
"recommendations": [
{
"Severity": "High",
"Recommendation": "Prevent SQL Injection attacks",
"Description": "The code builds an SQL string using input data. This can lead to SQL injection attacks and potentially compromise data integrity and confidentiality.",
"Remediation": "Use parameterized SQL statements instead of building SQL strings."
},
{
"Severity": "High",
"Recommendation": "Secure password storage with salted hashing",
"Description": "The code stores passwords in plain text. This can lead to compromise of user credentials if the database or application is compromised.",
"Remediation": "Use salted and hashed passwords with a well-established algorithm like bcrypt or PBKDF2."
},
{
"Severity": "High",
"Recommendation": "Prevent Cross Site Scripting (XSS) Attacks",
"Description": "The code takes user input and renders it on the page without proper encoding. This can lead to Cross Site Scripting (XSS) attacks and potentially compromise data integrity and confidentiality.",
"Remediation": "Use appropriate encoding techniques depending on the context in which the user input will be rendered: HTML encoding, URL encoding, JavaScript encoding, etc."
},
{
"Severity": "High",
"Recommendation": "Implement Authentication and Authorization",
"Description": "The code does not implement user authentication or authorization. This can lead to unauthorized access to system resources and confidential data.",
"Remediation": "Implement user authentication and authorization using a well-established framework or library."
},
{
"Severity": "Medium",
"Recommendation": "Store sensitive data in secure storage",
"Description": "The code stores sensitive data like API keys or database credentials in plain text configuration files or source code. This can lead to compromise of sensitive data if the code is leaked or analyzed.",
"Remediation": "Store sensitive data in secure configuration files or use environment variables to store secrets."
},
{
"Severity": "Medium",
"Recommendation": "Implement Input Validation",
"Description": "The code does not validate user input before using it. This can lead to unexpected behavior or injection attacks.",
"Remediation": "Validate user input: data type, range, length, format, etc."
},
{
"Severity": "Medium",
"Recommendation": "Limit Accessible Directories",
"Description": "The code allows access to non-public directories.",
"Remediation": "Limit access to public directories only."
},
{
"Severity": "Low",
"Recommendation": "Handle Errors Gracefully",
"Description": "The code does not handle errors gracefully, leaving the system in an undefined state on exception.",
"Remediation": "Implement appropriate exception handling and error logging."
},
{
"Severity": "Low",
"Recommendation": "Remove Debug and Test Code",
"Description": "The code contains unneeded debug and test code, increasing attack surface unnecessarily.",
"Remediation": "Remove test and debug code from production code."
},
{
"Severity": "Low",
"Recommendation": "Prevent Timing attacks",
"Description": "The code does not use constant time comparison for sensitive data, allowing timing attacks to guess data values.",
"Remediation": "Use constant time comparison for sensitive data values."
}
]
}

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find the comments helpful, give them a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.

github-actions bot commented Feb 6, 2025

Test Results

6 tests  ±0   6 ✅ ±0   14s ⏱️ ±0s
4 suites ±0   0 💤 ±0 
1 files   ±0   0 ❌ ±0 

Results for commit 4ea872f. ± Comparison against base commit cb605e5.

♻️ This comment has been updated with latest results.

@step-security-bot step-security-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please find StepSecurity AI-CodeWise code comments below.

Code Comments

src/checksum.ts

[
    {
        "Severity": "High",
        "Recommendation": "Use secure hash algorithms",
        "Description": "Using a strong and secure hash algorithm is essential for maintaining the integrity and security of checksums. SHA-256 is a commonly recommended secure hash algorithm for such purposes.",
        "Remediation": "Replace the existing checksum values with SHA-256 checksums for both amd64 and arm64 architectures."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Update checksums for security patches",
        "Description": "Updating checksums to reflect the changes made in security patches is crucial for ensuring that the correct and secure versions of the software are being used.",
        "Remediation": "Update the checksum values to correspond with the versions being used, such as v1.4.2 for amd64 and arm64 architectures."
    }
]

src/install-agent.ts

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoded URLs in code",
        "Description": "Hardcoded URLs in code can lead to maintenance issues and security vulnerabilities.",
        "Remediation": "Store the URL in a configuration file or environment variable and fetch it from there."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Validate input parameters",
        "Description": "Input parameters should be validated to prevent unexpected behaviors.",
        "Remediation": "Check and sanitize the 'variant' parameter before using it in the URL."
    }
]

dist/pre/index.js

[
    {
        "Severity": "High",
        "Recommendation": "Use of Hardcoded Keys in Code",
        "Description": "Hardcoded cryptographic keys in the code can pose a security risk as they can be easily compromised.",
        "Remediation": "Store cryptographic keys securely outside the codebase, such as in environment variables or a secure key management service."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Updating Hardcoded URL Paths",
        "Description": "Changing hardcoded URLs can result in pointing to incorrect or outdated resources, affecting application functionality.",
        "Remediation": "Move the URLs to configuration files or environment variables that can be easily updated without code changes."
    }
]

dist/pre/index.js.map

{
"recommendations": []
}

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find the comments helpful, give them a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.

@step-security-bot step-security-bot left a comment

Please find StepSecurity AI-CodeWise code comments below.

Code Comments

src/install-agent.ts

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoding version numbers for external dependencies",
        "Description": "Hardcoding version numbers can lead to potential security vulnerabilities and maintenance issues.",
        "Remediation": "Store version numbers in a centralized configuration file or environment variable to easily update them across the application."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Validate user input for variant parameter to prevent injection attacks",
        "Description": "Not validating user input can lead to potential security risks like injection attacks.",
        "Remediation": "Implement input validation mechanisms such as type checking or whitelisting permitted values for the 'variant' parameter."
    }
]

dist/pre/index.js

[
    {
        "Severity": "High",
        "Recommendation": "Use secure cryptographic hash functions",
        "Description": "The checksums for the tls and non_tls objects should use secure cryptographic hash functions.",
        "Remediation": "Update the checksums to use secure cryptographic hash functions like SHA-256 or SHA-3."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Avoid hardcoding versions in URLs",
        "Description": "The URL in the code includes a hardcoded version '1.3.6'. Hardcoding versions in URLs can lead to compatibility issues and can expose sensitive information.",
        "Remediation": "Refactor the URL generation to dynamically include the version or parameterize the version externally."
    }
]

dist/pre/index.js.map

package-lock.json

[]

src/checksum.ts

[
    {
        "Severity": "High",
        "Recommendation": "Use updated secure hash algorithm",
        "Description": "The current hash algorithm being used may not be the most secure. It's important to stay up-to-date with the latest secure hash algorithms",
        "Remediation": "Update the hash algorithm to a more secure option, such as SHA-256 or SHA-3."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Avoid hardcoding checksum values",
        "Description": "Hardcoding checksum values in the code can be risky as they may change over time. It's better to dynamically calculate checksums during runtime.",
        "Remediation": "Calculate the checksum values during runtime rather than hardcoding them in the code."
    }
]

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find the comments helpful, give them a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.

@step-security-bot step-security-bot left a comment

Please find StepSecurity AI-CodeWise code comments below.

Code Comments

.github/workflows/publish-immutable-actions.yml

[
    {
        "Severity": "High",
        "Recommendation": "Remove excessive permissions",
        "Description": "The job 'publish' has unnecessary 'contents: read' permission and additional permissions like 'id-token: write' and 'packages: write'. This could potentially lead to privilege escalation attacks.",
        "Remediation": "Update the job configuration to only include necessary permissions. Remove 'contents: read', 'id-token: write', and 'packages: write' if they are not required for the job to function properly."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Use specific versions for action dependencies",
        "Description": "The action 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' is referencing a specific commit hash. It is recommended to use stable release versions of actions to ensure reliability and security.",
        "Remediation": "Update the action reference to a stable release version instead of a commit hash, if available."
    }
]

.github/workflows/runs-on.yml

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoding sensitive information in code",
        "Description": "Sensitive information such as API keys, passwords, or secrets should not be hardcoded directly into the code. This can lead to security vulnerabilities if the code is exposed or shared.",
        "Remediation": "Store sensitive information securely in environment variables or a secrets manager, and reference them in the code."
    },
    {
        "Severity": "High",
        "Recommendation": "Avoid using 'continue-on-error' flag without proper error handling",
        "Description": "'continue-on-error' flag allows the workflow to continue even if a step fails. However, without proper error handling, critical failures may be missed or workflow execution may become unpredictable.",
        "Remediation": "Implement thorough error handling mechanisms to capture and handle errors appropriately instead of relying solely on 'continue-on-error'."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Validate input sources to prevent injection attacks",
        "Description": "Using input sources directly in commands, such as in the 'docker run' commands, can expose the system to injection attacks if the input is not properly validated.",
        "Remediation": "Sanitize and validate input sources before using them in commands to prevent injection vulnerabilities."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Ensure proper access control for Docker containers",
        "Description": "Running Docker containers with excessive permissions or privileged access can pose security risks by allowing unauthorized access or privilege escalation.",
        "Remediation": "Limit the permissions and access rights of Docker containers by following the principle of least privilege and implementing proper access controls."
    },
    {
        "Severity": "Low",
        "Recommendation": "Implement logging and monitoring for Docker containers",
        "Description": "Logging and monitoring are essential for tracking and analyzing container activities, identifying security incidents, and troubleshooting issues.",
        "Remediation": "Integrate logging mechanisms and monitoring tools to capture container activities, monitor performance, and detect any suspicious behavior."
    }
]

dist/pre/index.js

[
    {
        "Severity": "High",
        "Recommendation": "Update checksum values in CHECKSUMS object for tls.amd64 and tls.arm64",
        "Description": "The checksum values provided for tls.amd64 and tls.arm64 do not match the actual values. This could result in using incorrect or compromised files.",
        "Remediation": "Update the checksum values for tls.amd64 and tls.arm64 in the CHECKSUMS object to match the actual values."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Update the download URL in the tool_cache.downloadTool function call",
        "Description": "The download URL in the tool_cache.downloadTool function call is pointing to an outdated version 'harden-runner_1.3.6_linux_${variant}'. It should be updated to 'harden-runner_1.4.2_linux_${variant}' to fetch the correct version.",
        "Remediation": "Update the download URL in the tool_cache.downloadTool function call to 'https://packages.stepsecurity.io/github-hosted/harden-runner_1.4.2_linux_${variant}.tar.gz'."
    }
]

dist/pre/index.js.map

[]

package-lock.json

[
    {
        "Severity": "High",
        "Recommendation": "Ensure all dependencies are up to date to mitigate potential security vulnerabilities.",
        "Description": "Keeping dependencies up to date is crucial to address known security issues and vulnerabilities.",
        "Remediation": "Update 'cross-spawn' to version 7.0.6, 'fsevents' to version 2.3.3, and 'micromatch' to version 4.0.8."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Review and remove unnecessary or unused dependencies to reduce attack surface.",
        "Description": "Unused dependencies can introduce security risks and increase the size of the codebase unnecessarily.",
        "Remediation": "Check for any unused dependencies such as 'fsevents' and consider removing them."
    },
    {
        "Severity": "Low",
        "Recommendation": "Ensure package 'fsevents' is used only as needed due to potential for system level interactions.",
        "Description": "Package 'fsevents' may have system level interactions and should be used judiciously.",
        "Remediation": "Review the usage of 'fsevents' and consider if it is necessary for the project. If not, consider removing it."
    }
]

src/checksum.ts

[
    {
        "Severity": "High",
        "Recommendation": "Use secure hash algorithms for checksums to enhance security",
        "Description": "The current checksums are using weak hash algorithms that are vulnerable to collisions and other attacks.",
        "Remediation": "Use a secure hash algorithm like SHA-256 for generating checksums."
    },
    {
        "Severity": "Low",
        "Recommendation": "Ensure consistent formatting and alignment of code for better readability",
        "Description": "Inconsistent code formatting can make the code harder to read and maintain.",
        "Remediation": "Ensure consistent indentation and alignment of code elements throughout the file."
    }
]

src/install-agent.ts

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoded URLs in the codebase to prevent security vulnerabilities.",
        "Description": "Hardcoding download URLs can expose the application to potential attacks or unexpected behavior.",
        "Remediation": "Store the URL in a configuration file or environment variable and reference it in the code."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Validate input parameters to prevent injection attacks.",
        "Description": "Not validating user-controlled input can lead to security vulnerabilities like injection attacks.",
        "Remediation": "Implement input validation to ensure that the 'variant' parameter is safe and within expected values."
    }
]

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find the comments helpful, give them a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

codecov bot commented Feb 15, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 58.64%. Comparing base (b8be370) to head (4ea872f).
Report is 8 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #498   +/-   ##
=======================================
  Coverage   58.64%   58.64%           
=======================================
  Files           5        5           
  Lines         162      162           
  Branches       39       39           
=======================================
  Hits           95       95           
  Misses         60       60           
  Partials        7        7           

@step-security-bot step-security-bot left a comment

Please find StepSecurity AI-CodeWise code comments below.

Code Comments

dist/pre/index.js.map

[]

package-lock.json

[
    {
        "Severity": "High",
        "Recommendation": "Update npm package 'cross-spawn' to a higher version for security patches.",
        "Description": "The current version '7.0.3' has known security vulnerabilities that are fixed in newer versions.",
        "Remediation": "Update 'cross-spawn' to version '7.0.6' or higher."
    },
    {
        "Severity": "High",
        "Recommendation": "Update npm package 'fsevents' to the latest version for security and compatibility enhancements.",
        "Description": "The current version '2.3.3' may have security vulnerabilities or compatibility issues that are addressed in newer releases.",
        "Remediation": "Update 'fsevents' to the latest version available."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Update npm package 'micromatch' to the latest version to utilize bug fixes and improvements.",
        "Description": "The current version '4.0.5' may lack bug fixes and improvements present in newer versions.",
        "Remediation": "Update 'micromatch' to version '4.0.8' or higher."
    }
]

src/checksum.ts

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoding sensitive data in the code.",
        "Description": "Avoid hardcoding cryptographic checksums in the source code, as they are sensitive data that should not be exposed.",
        "Remediation": "Store the checksums in a secure location outside of the source code, such as a configuration file or environment variables."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Update comments to reflect the correct version numbers.",
        "Description": "The comments reference version numbers that do not match the actual values specified in the code.",
        "Remediation": "Update the comments to reflect the accurate version numbers for the respective checksums."
    }
]

src/install-agent.ts

[
    {
        "Severity": "High",
        "Recommendation": "Avoid using hardcoded versions in URLs to prevent potential security risks.",
        "Description": "Hardcoded versions in URLs can lead to security vulnerabilities as attackers can manipulate the URL to target specific versions with known vulnerabilities.",
        "Remediation": "Store the version number separately and dynamically concatenate it into the URL to avoid hardcoded versions. For example, define a variable for the version and use it in the URL string construction."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Validate and sanitize input for the 'variant' variable to prevent injections or unexpected behavior.",
        "Description": "Unchecked user input can lead to injection attacks or unexpected behavior in the application.",
        "Remediation": "Implement input validation to ensure the 'variant' variable contains only allowed values. Use a whitelist approach or sanitize the input to prevent injection attacks."
    }
]

.github/workflows/publish-immutable-actions.yml

[
    {
        "Severity": "High",
        "Recommendation": "Ensure secrets and sensitive data are not hardcoded in code",
        "Description": "Hardcoded secrets and sensitive data pose a security risk as they can be easily exposed or compromised.",
        "Remediation": "Store secrets in a secure location such as GitHub Secrets or a configuration file outside of version control."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Implement proper permission checks for sensitive operations",
        "Description": "Lack of proper permission checks can lead to unauthorized access and misuse of resources.",
        "Remediation": "Implement appropriate permission checks and access controls for sensitive operations, such as accessing credentials or making outbound calls."
    },
    {
        "Severity": "Low",
        "Recommendation": "Include a newline at the end of the file",
        "Description": "Omitting a newline at the end of the file can cause issues related to diffs and interoperability.",
        "Remediation": "Add a newline at the end of the file to ensure proper formatting and compatibility."
    }
]

.github/workflows/runs-on.yml

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoding sensitive information like access policies and endpoints directly in the code.",
        "Description": "Sensitive information such as egress policies and allowed endpoints should be stored securely and retrieved as needed to prevent exposure in the codebase.",
        "Remediation": "Store sensitive information like egress policies and allowed endpoints in environment variables or secure storage solutions. Use Secrets Management tools provided by the platform."
    },
    {
        "Severity": "High",
        "Recommendation": "Do not use inline code for Dockerfile content as it may expose sensitive information or lead to hard-to-maintain build steps.",
        "Description": "Dockerfile content should be maintained in a separate file to enhance readability, maintainability, and prevent accidental exposure of sensitive information.",
        "Remediation": "Store Dockerfile content in an external file and use COPY or ADD instructions in the Dockerfile to include the content."
    },
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoding sleep durations in scripts as it may lead to inefficiencies and maintenance challenges.",
        "Description": "Hardcoding sleep durations could lead to suboptimal resource usage and may not be adaptable for different environments.",
        "Remediation": "Consider using configuration parameters or environment variables to define sleep durations to allow for easier configuration and adjustment."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Ensure proper error handling mechanisms are in place for Docker operations to handle potential failures.",
        "Description": "Proper error handling ensures that failures during Docker operations are captured and appropriately managed, preventing unexpected issues in the workflow.",
        "Remediation": "Implement error handling mechanisms such as checking return codes, using try-catch blocks, and logging errors to provide visibility into potential failures."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Avoid using 'continue-on-error: true' without a clear justification, as it may suppress important failure indicators.",
        "Description": "'continue-on-error: true' can mask errors and allow workflows to proceed even when critical steps fail, potentially leading to unnoticed issues.",
        "Remediation": "Review the necessity of 'continue-on-error: true' for each step and ensure that it is used judiciously with proper logging and alerting mechanisms in place."
    },
    {
        "Severity": "Low",
        "Recommendation": "Consistently manage line endings to ensure codebase consistency and readability across different platforms.",
        "Description": "Inconsistent line endings can cause issues with code readability and version control systems, affecting collaboration and maintenance.",
        "Remediation": "Ensure that line endings are consistent throughout the codebase, ideally using a .editorconfig file or relevant IDE settings to enforce a specific line ending style."
    },
    {
        "Severity": "Low",
        "Recommendation": "Include a newline at the end of the file to adhere to common conventions and prevent potential issues with certain tools.",
        "Description": "Adding a newline at the end of the file ensures that the file terminates with a proper line ending, which can prevent unintended problems with some tools.",
        "Remediation": "Add a newline at the end of the file to follow common file format conventions and prevent any potential issues with tools that expect files to end with a newline."
    }
]

README.md

[
    {
        "Severity": "High",
        "Recommendation": "Remove hardcoded sensitive information from URL",
        "Description": "Hardcoding sensitive information like 'how-tos/enable-runtime-security/' in URLs can pose a security risk as it exposes potential implementation details to attackers.",
        "Remediation": "Update the URL to dynamically fetch the URL path rather than hardcoding it in the string, or use environment variables to store sensitive information."
    },
    {
        "Severity": "Low",
        "Recommendation": "Update URL to use HTTPS instead of HTTP",
        "Description": "Using HTTP instead of HTTPS in URLs can expose users to potential security risks due to lack of encryption and data integrity.",
        "Remediation": "Update the URL protocol from 'http://' to 'https://' for secure communication."
    }
]

dist/pre/index.js

[
    {
        "Severity": "High",
        "Recommendation": "Avoid hardcoding cryptographic material",
        "Description": "Hardcoding cryptographic material increases the risk of compromise if the hardcoded values are discovered.",
        "Remediation": "Store cryptographic material securely and access it programmatically when needed. Use secure storage solutions like Azure Key Vault or AWS Secrets Manager."
    },
    {
        "Severity": "Medium",
        "Recommendation": "Avoid yielding download URLs directly",
        "Description": "Directly yielding URLs for downloads can lead to security risks and lack of control over the source of the download.",
        "Remediation": "Instead of yielding URLs directly, consider using a more controlled approach such as defining download URLs in a configuration file or database."
    }
]

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find the comments helpful, give them a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.
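Several of the AI-CodeWise points across the comments above describe pieces of one flow: download the agent over HTTPS, whitelist the 'variant' parameter before it reaches the URL, compute the SHA-256 of the downloaded bytes, compare it against the pinned value in constant time, and abort on mismatch. The block below is an added example of that flow written for this page; it is not harden-runner's own code. It assumes only the URL shape quoted in the comments (https://packages.stepsecurity.io/github-hosted/harden-runner_<version>_linux_<variant>.tar.gz). The function names, the injected fetcher that stands in for the real network download, and the sample payloads are illustrative; the pinned digests are the standard SHA-256 known-answer values for those constructed payloads, so the example runs offline.

```typescript
import { createHash, timingSafeEqual } from "crypto";

// Added illustration for this review thread, not harden-runner's code.
type Variant = "amd64" | "arm64";
const ALLOWED_VARIANTS: ReadonlyArray<Variant> = ["amd64", "arm64"];
const VERSION_RE = /^\d+\.\d+\.\d+$/;

// Pinned SHA-256 digests. In a real build these are committed alongside the
// code and produced by the release pipeline; here they are the known-answer
// values for the constructed sample payloads below (assumption, not real agents).
const CHECKSUMS: Record<Variant, string> = {
  amd64: "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad", // sha256("abc")
  arm64: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", // sha256("")
};

// Constructed stand-ins for the downloaded tarballs.
const SAMPLE_AGENT: Record<Variant, Buffer> = {
  amd64: Buffer.from("abc"),
  arm64: Buffer.alloc(0),
};

// Whitelist the variant before it is interpolated into the URL, so input such
// as "../foo" or "amd64?x=1" cannot steer the download elsewhere.
function parseVariant(input: string): Variant {
  if ((ALLOWED_VARIANTS as ReadonlyArray<string>).includes(input)) {
    return input as Variant;
  }
  throw new Error(`unsupported variant: ${JSON.stringify(input)}`);
}

// Build the HTTPS download URL from a validated version and variant.
function agentUrl(version: string, variant: Variant): string {
  if (!VERSION_RE.test(version)) {
    throw new Error(`invalid version: ${JSON.stringify(version)}`);
  }
  return `https://packages.stepsecurity.io/github-hosted/harden-runner_${version}_linux_${variant}.tar.gz`;
}

function sha256Hex(data: Buffer): string {
  return createHash("sha256").update(data).digest("hex");
}

// Compare the digest of the downloaded bytes with the pinned value in constant
// time. timingSafeEqual throws on a length mismatch, so reject malformed or
// wrong-length expected values before calling it.
function verifyChecksum(data: Buffer, expectedHex: string): boolean {
  if (!/^[0-9a-f]{64}$/i.test(expectedHex)) return false;
  const actual = createHash("sha256").update(data).digest();
  const expected = Buffer.from(expectedHex, "hex");
  return actual.length === expected.length && timingSafeEqual(actual, expected);
}

// The fetcher is injected so the flow runs offline; a real one would download
// the URL to disk and read the file back.
type Fetcher = (url: string) => Buffer;

// Download, verify, and only then hand the bytes on for installation.
// A checksum mismatch aborts instead of installing a possibly tampered file.
function installAgent(version: string, rawVariant: string, fetch: Fetcher): Buffer {
  const variant = parseVariant(rawVariant);
  const data = fetch(agentUrl(version, variant));
  if (!verifyChecksum(data, CHECKSUMS[variant])) {
    throw new Error(`checksum mismatch for ${variant}: refusing to install`);
  }
  return data;
}

// Offline fetcher that serves the constructed samples; with tamper=true it
// appends a byte to simulate a modified download in transit.
function sampleFetcher(tamper = false): Fetcher {
  return (url: string): Buffer => {
    const m = /_linux_(amd64|arm64)\.tar\.gz$/.exec(url);
    if (!m) throw new Error(`unexpected url: ${url}`);
    const data = Buffer.from(SAMPLE_AGENT[m[1] as Variant]);
    return tamper ? Buffer.concat([data, Buffer.from("x")]) : data;
  };
}
```

Pinning the digest in source is what makes the check meaningful: the checksum is public integrity data, not a secret, and moving it to a runtime computation or to an environment the downloader controls would let a tampered download verify against itself. The whitelist on the variant and the version regex are what keep the hardcoded HTTPS base from being redirected by caller-supplied input.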

@varunsh-coder varunsh-coder merged commit 4d991eb into main Feb 15, 2025
9 checks passed
3 participants