stauersbol / personal-website Goto Github PK

View Code? Open in Web Editor NEW

0.0 0.0 1.0 15.16 MB

My personal website

Home Page: personal-website-beta-fawn.vercel.app

JavaScript 11.47% Astro 74.91% TypeScript 2.58% CSS 11.05%

astro gsap md mdx tailwind

personal-website's Introduction

🔗 Connect with me on

🎧 My Discord

💬 If you have any questions, feel free to contact me.

🔭 Currently I'm working on

Rework of my website and API for the website.
Working on company projects

🌱 Currenctly learning

💙 Go
💜 Gleam

What anime I am watching

I'm an Early 🐤

🌞 Morning                5060 commits        ████████░░░░░░░░░░░░░░░░░   33.90 % 
🌆 Daytime                6682 commits        ███████████░░░░░░░░░░░░░░   44.76 % 
🌃 Evening                3104 commits        █████░░░░░░░░░░░░░░░░░░░░   20.79 % 
🌙 Night                  82 commits          ░░░░░░░░░░░░░░░░░░░░░░░░░   00.55 %

📅 I'm Most Productive on Monday

Monday                   3082 commits        █████░░░░░░░░░░░░░░░░░░░░   20.65 % 
Tuesday                  2743 commits        █████░░░░░░░░░░░░░░░░░░░░   18.37 % 
Wednesday                2392 commits        ████░░░░░░░░░░░░░░░░░░░░░   16.02 % 
Thursday                 2597 commits        ████░░░░░░░░░░░░░░░░░░░░░   17.40 % 
Friday                   2755 commits        █████░░░░░░░░░░░░░░░░░░░░   18.46 % 
Saturday                 618 commits         █░░░░░░░░░░░░░░░░░░░░░░░░   04.14 % 
Sunday                   741 commits         █░░░░░░░░░░░░░░░░░░░░░░░░   04.96 %

📊 This Week I Spent My Time On

🕑︎ Time Zone: Europe/Copenhagen

💬 Programming Languages: 
Svelte                   37 mins             █████████████░░░░░░░░░░░░   51.24 % 
Lua                      16 mins             ██████░░░░░░░░░░░░░░░░░░░   22.82 % 
Astro                    12 mins             ████░░░░░░░░░░░░░░░░░░░░░   17.16 % 
Other                    3 mins              █░░░░░░░░░░░░░░░░░░░░░░░░   04.95 % 
TypeScript               2 mins              █░░░░░░░░░░░░░░░░░░░░░░░░   03.83 % 

🔥 Editors: 
Neovim                   1 hr 13 mins        █████████████████████████   100.00 % 

💻 Operating System: 
Linux                    1 hr 13 mins        █████████████████████████   100.00 %

personal-website's People

Contributors

Forkers

lgtm-migrator

personal-website's Issues

CVE-2021-27290 (High) detected in ssri-6.0.2.tgz

CVE-2021-27290 - High Severity Vulnerability

Vulnerable Library - ssri-6.0.2.tgz

Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.

Library home page: https://registry.npmjs.org/ssri/-/ssri-6.0.2.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/webpack/node_modules/ssri/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - webpack-4.46.0.tgz
    - terser-webpack-plugin-1.4.5.tgz
      - cacache-12.0.4.tgz
        
        ❌ ssri-6.0.2.tgz (Vulnerable Library)

Found in HEAD commit: 8dbfc679e5f7bbc7099a76f97c38e15f56cc5a0c

Found in base branch: master

Vulnerability Details

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.

Publish Date: 2021-03-12

URL: CVE-2021-27290

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16082

Release Date: 2021-03-12

Fix Resolution: 8.0.1

Step up your Open Source Security Game with WhiteSource here

CVE-2020-28469 (High) detected in glob-parent-3.1.0.tgz

CVE-2020-28469 - High Severity Vulnerability

Vulnerable Library - glob-parent-3.1.0.tgz

Strips glob magic from a string to provide the parent directory path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/watchpack-chokidar2/node_modules/glob-parent/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - webpack-4.46.0.tgz
    - watchpack-1.7.5.tgz
      - watchpack-chokidar2-2.0.1.tgz
        
        chokidar-2.1.8.tgz
        
        ❌ glob-parent-3.1.0.tgz (Vulnerable Library)

Found in HEAD commit: ff0e3db8e55cc071b56a8e269b339e512f5427a8

Found in base branch: master

Vulnerability Details

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Publish Date: 2021-06-03

URL: CVE-2020-28469

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28469

Release Date: 2021-06-03

Fix Resolution: glob-parent - 5.1.2

Step up your Open Source Security Game with WhiteSource here

CVE-2021-33587 (High) detected in css-what-3.4.2.tgz

CVE-2021-33587 - High Severity Vulnerability

Vulnerable Library - css-what-3.4.2.tgz

a CSS selector parser

Library home page: https://registry.npmjs.org/css-what/-/css-what-3.4.2.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/css-what/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - cssnano-4.1.11.tgz
    - cssnano-preset-default-4.0.8.tgz
      - postcss-svgo-4.0.3.tgz
        
        svgo-1.3.2.tgz
        
        css-select-2.1.0.tgz
        
        ❌ css-what-3.4.2.tgz (Vulnerable Library)

Found in HEAD commit: ff0e3db8e55cc071b56a8e269b339e512f5427a8

Found in base branch: master

Vulnerability Details

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.

Publish Date: 2021-05-28

URL: CVE-2021-33587

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33587

Release Date: 2021-05-28

Fix Resolution: css-what - 5.0.1

Step up your Open Source Security Game with WhiteSource here

CVE-2021-3807 (High) detected in ansi-regex-3.0.0.tgz - autoclosed

CVE-2021-3807 - High Severity Vulnerability

Vulnerable Library - ansi-regex-3.0.0.tgz

Regular expression for matching ANSI escape codes

Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/ansi-regex/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - friendly-errors-webpack-plugin-2.5.1.tgz
    - string-width-2.1.1.tgz
      - strip-ansi-4.0.0.tgz
        
        ❌ ansi-regex-3.0.0.tgz (Vulnerable Library)

Found in HEAD commit: ff0e3db8e55cc071b56a8e269b339e512f5427a8

Found in base branch: master

Vulnerability Details

ansi-regex is vulnerable to Inefficient Regular Expression Complexity

Publish Date: 2021-09-17

URL: CVE-2021-3807

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994/

Release Date: 2021-09-17

Fix Resolution: ansi-regex - 5.0.1,6.0.1

Step up your Open Source Security Game with WhiteSource here

CVE-2021-3803 (High) detected in nth-check-1.0.2.tgz

CVE-2021-3803 - High Severity Vulnerability

Vulnerable Library - nth-check-1.0.2.tgz

performant nth-check parser & compiler

Library home page: https://registry.npmjs.org/nth-check/-/nth-check-1.0.2.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/nth-check/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - cssnano-4.1.11.tgz
    - cssnano-preset-default-4.0.8.tgz
      - postcss-svgo-4.0.3.tgz
        
        svgo-1.3.2.tgz
        
        css-select-2.1.0.tgz
        
        ❌ nth-check-1.0.2.tgz (Vulnerable Library)

Found in HEAD commit: ff0e3db8e55cc071b56a8e269b339e512f5427a8

Found in base branch: master

Vulnerability Details

nth-check is vulnerable to Inefficient Regular Expression Complexity

Publish Date: 2021-09-17

URL: CVE-2021-3803

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: fb55/nth-check@v2.0.0...v2.0.1

Release Date: 2021-09-17

Fix Resolution: nth-check - v2.0.1

Step up your Open Source Security Game with WhiteSource here

CVE-2021-33502 (High) detected in normalize-url-1.9.1.tgz, normalize-url-3.3.0.tgz

CVE-2021-33502 - High Severity Vulnerability

Vulnerable Libraries - normalize-url-1.9.1.tgz, normalize-url-3.3.0.tgz

normalize-url-1.9.1.tgz

Normalize a URL

Library home page: https://registry.npmjs.org/normalize-url/-/normalize-url-1.9.1.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/extract-css-chunks-webpack-plugin/node_modules/normalize-url/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - extract-css-chunks-webpack-plugin-4.9.0.tgz
    - ❌ normalize-url-1.9.1.tgz (Vulnerable Library)

normalize-url-3.3.0.tgz

Normalize a URL

Library home page: https://registry.npmjs.org/normalize-url/-/normalize-url-3.3.0.tgz

Path to dependency file: hjemmeside/package.json

Path to vulnerable library: hjemmeside/node_modules/normalize-url/package.json

Dependency Hierarchy:

nuxt-2.15.8.tgz (Root Library)
- webpack-2.15.8.tgz
  - cssnano-4.1.11.tgz
    - cssnano-preset-default-4.0.8.tgz
      - postcss-normalize-url-4.0.1.tgz
        
        ❌ normalize-url-3.3.0.tgz (Vulnerable Library)

Found in HEAD commit: ff0e3db8e55cc071b56a8e269b339e512f5427a8

Found in base branch: master

Vulnerability Details

The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.

Publish Date: 2021-05-24

URL: CVE-2021-33502

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33502

Release Date: 2021-05-24

Fix Resolution: normalize-url - 4.5.1, 5.3.1, 6.0.1

Step up your Open Source Security Game with WhiteSource here

CVE-2021-35065 (Medium) detected in glob-parent-3.1.0.tgz, glob-parent-5.1.2.tgz

CVE-2021-35065 - Medium Severity Vulnerability

Vulnerable Libraries - glob-parent-3.1.0.tgz, glob-parent-5.1.2.tgz

glob-parent-3.1.0.tgz

Strips glob magic from a string to provide the parent directory path

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/watchpack-chokidar2/node_modules/glob-parent/package.json

Dependency Hierarchy:

webpack-4.46.0.tgz (Root Library)
- watchpack-1.7.5.tgz
  - watchpack-chokidar2-2.0.1.tgz
    - chokidar-2.1.8.tgz
      - ❌ glob-parent-3.1.0.tgz (Vulnerable Library)

glob-parent-5.1.2.tgz

Extract the non-magic parent path from a glob string.

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/glob-parent/package.json

Dependency Hierarchy:

eslint-7.32.0.tgz (Root Library)
- ❌ glob-parent-5.1.2.tgz (Vulnerable Library)

Found in HEAD commit: 0a48647e50177e30a40931985d16d6d021b8023a

Found in base branch: master

Vulnerability Details

The package glob-parent before 6.0.1 are vulnerable to Regular Expression Denial of Service (ReDoS)

Publish Date: 2021-06-22

URL: CVE-2021-35065

CVSS 3 Score Details (5.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: gulpjs/glob-parent#49

Release Date: 2021-06-22

Fix Resolution: glob-parent - 6.0.1

Step up your Open Source Security Game with WhiteSource here

WS-2021-0153 (High) detected in ejs-2.7.4.tgz - autoclosed

WS-2021-0153 - High Severity Vulnerability

Vulnerable Library - ejs-2.7.4.tgz

Embedded JavaScript templates

Library home page: https://registry.npmjs.org/ejs/-/ejs-2.7.4.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/ejs/package.json

Dependency Hierarchy:

nuxt-2.13.3.tgz (Root Library)
- webpack-2.13.3.tgz
  - webpack-bundle-analyzer-3.9.0.tgz
    - ❌ ejs-2.7.4.tgz (Vulnerable Library)

Found in HEAD commit: e8d55fc11960692b98f276c756d6337e2429e77e

Found in base branch: master

Vulnerability Details

Arbitrary Code Injection vulnerability was found in ejs before 3.1.6. Caused by filename which isn't sanitized for display.

Publish Date: 2021-01-22

URL: WS-2021-0153

CVSS 3 Score Details (9.8)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: mde/ejs#571

Release Date: 2021-01-22

Fix Resolution: ejs - 3.1.6

Step up your Open Source Security Game with WhiteSource here

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

fix(deps): update dependency @astrojs/mdx to ^0.19.0

Other Branches

These updates are pending. To force PRs open, click the checkbox below.

chore(deps): update dependency autoprefixer to v10.4.16
chore(deps): update dependency postcss-scss to v4.0.9
chore(deps): update dependency sass to v1.69.7
fix(deps): update dependency @astrojs/partytown to v1.2.3
fix(deps): update dependency @astrojs/sitemap to v1.4.0
fix(deps): update dependency tailwindcss to v3.4.1

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

fix(deps): update dependency @astrojs/image to ^0.18.0
fix(deps): update dependency @astrojs/mdx to v2
fix(deps): update dependency @astrojs/partytown to v2
fix(deps): update dependency @astrojs/rss to v4
fix(deps): update dependency @astrojs/sitemap to v3
fix(deps): update dependency @astrojs/tailwind to v5
fix(deps): update dependency astro to v4
Click on this checkbox to rebase all open PRs at once

Detected dependencies

npm

package.json

@astrojs/image ^0.12.1

@astrojs/mdx ^0.13.0

@astrojs/partytown ^1.0.2

@astrojs/rss ^1.2.1

@astrojs/sitemap ^1.0.0

@astrojs/tailwind ^2.1.3

astro ^1.7.2

tailwindcss ^3.0.24

autoprefixer ^10.4.13

postcss-scss ^4.0.6

sass ^1.57.0

Check this box to trigger a request for Renovate to run again on this repository

stauersbol / personal-website Goto Github PK

personal-website's Introduction

🔗 Connect with me on

🎧 My Discord

🔭 Currently I'm working on

🌱 Currenctly learning

What anime I am watching

personal-website's People

Contributors

Forkers

personal-website's Issues

CVE-2021-27290 - High Severity Vulnerability

CVE-2020-28469 - High Severity Vulnerability

CVE-2021-33587 - High Severity Vulnerability

CVE-2021-3807 - High Severity Vulnerability

CVE-2021-3803 - High Severity Vulnerability

CVE-2021-33502 - High Severity Vulnerability

CVE-2021-35065 - Medium Severity Vulnerability

WS-2021-0153 - High Severity Vulnerability

Edited/Blocked

Other Branches

Open

Detected dependencies

Recommend Projects

Recommend Topics

Recommend Org