Test preview

[mustard-mh]

Description

Related Issue(s)

Fixes #

How to test

Documentation

Preview status

Gitpod was successfully deployed to your preview environment.

• 🏷️ Name - exp-migration
• 🔗 URL - exp-migration.preview.gitpod-dev.com/workspaces.
• 📚 Documentation - See our internal documentation for information on how to interact with your preview environment.
• 📦 Version - exp-migration-gha.24132
• 🗒️ Logs - GCP Logs Explorer

Build Options

Build

• /werft with-werft
  Run the build with werft instead of GHA
• leeway-no-cache
• /werft no-test
  Run Leeway with --dont-test

Publish

• /werft publish-to-npm
• /werft publish-to-jb-marketplace

Installer

• analytics=segment
• with-dedicated-emulation
• workspace-feature-flags
  Add desired feature flags to the end of the line above, space separated

Preview Environment / Integration Tests

• /werft with-local-preview
  If enabled this will build install/preview
• /werft with-preview
• /werft with-large-vm
• /werft with-gce-vm
  If enabled this will create the environment on GCE infra
• /werft preemptible
  Saves cost. Untick this only if you're really sure you need a non-preemtible machine.
• with-integration-tests=all
  Valid options are all, workspace, webapp, ide, jetbrains, vscode, ssh. If enabled, with-preview and with-large-vm will be enabled.
• with-monitoring

/hold

[akosyakov]

cc @geropl @svenefftinge it is because we did not finish tokens for desktop clients for public API

[stale]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[github-actions]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/plugin-proposal-private-property-in-object@7.21.11	Transitive: environment	+4	2.57 MB	nicolo-ribaudo
npm/@csstools/postcss-progressive-custom-properties@1.3.0	None	0	43.9 kB	alaguna
npm/@csstools/selector-specificity@2.2.0	None	0	16.7 kB	alaguna
npm/@discoveryjs/json-ext@0.5.5	None	0	84.6 kB	lahmatiy
npm/@floating-ui/core@1.5.0	None	+1	243 kB	atomiks
npm/@floating-ui/dom@1.5.3	None	+1	179 kB	atomiks
npm/@floating-ui/react-dom@2.0.2	None	0	40 kB	atomiks
npm/@gitbeaker/core@39.12.0	None	+2	1.97 MB	jdalrymple
npm/@gitbeaker/rest@39.12.0	None	+1	143 kB	jdalrymple
npm/@google-cloud/common@4.0.3	environment	+2	200 kB	google-wombot
npm/@google-cloud/logging-min@10.4.0	environment, filesystem Transitive: network	+7	2.85 MB	google-wombot
npm/@google-cloud/profiler@6.0.0	environment, filesystem Transitive: network, shell	+27	4.19 MB	google-wombot
npm/@hapi/bourne@2.0.0	None	0	5.1 kB	hueniverse
npm/@improbable-eng/grpc-web-node-http-transport@0.14.1	network	0	12.1 kB	marcuslongmuir
npm/@improbable-eng/grpc-web@0.14.0	network	0	65.5 kB	marcuslongmuir
npm/@improbable-eng/grpc-web@0.15.0	network	0	65.7 kB	marcuslongmuir
npm/@ioredis/as-callback@3.0.0	None	0	5.96 kB	luin
npm/@ioredis/commands@1.2.0	None	0	55.6 kB	ioredis-robot
npm/@jest/types@27.5.1	None	+4	105 kB	simenb
npm/@jmondi/oauth2-server@2.6.1	environment	+1	215 kB	jasonraimondi
npm/@mapbox/node-pre-gyp@1.0.11	environment, filesystem	0	170 kB	mapbox-npm-01
npm/@octokit/auth-app@3.6.1	None	+6	420 kB	octokitbot
npm/@octokit/auth-oauth-user@1.3.0	None	+3	284 kB	octokitbot
npm/@octokit/auth-token@2.5.0	None	0	25.8 kB	octokitbot
npm/@octokit/auth-unauthenticated@2.1.0	None	0	24.6 kB	octokitbot
npm/@octokit/core@3.5.1	None	+1	94.7 kB	octokitbot
npm/@octokit/openapi-types@11.2.0	None	0	1.56 MB	octokitbot
npm/@octokit/plugin-enterprise-compatibility@1.3.0	None	0	14.5 kB	octokitbot
npm/@octokit/plugin-paginate-rest@2.17.0	None	0	195 kB	octokitbot
npm/@octokit/plugin-request-log@1.0.4	None	0	11.6 kB	gr2m
npm/@octokit/plugin-rest-endpoint-methods@5.3.2	None	0	1.16 MB	octokitbot
npm/@octokit/plugin-retry@3.0.9	None	0	22.1 kB	gr2m
npm/@octokit/plugin-throttling@3.5.2	None	0	69.9 kB	octokitbot
npm/@octokit/request-error@2.1.0	None	0	21.9 kB	octokitbot
npm/@octokit/request@5.6.2	network	+2	183 kB	octokitbot
npm/@octokit/rest@18.6.1	None	0	8.66 kB	octokitbot
npm/@octokit/types@6.34.0	None	0	201 kB	octokitbot
npm/@octokit/webhooks-methods@2.0.0	None	0	20.4 kB	octokitbot
npm/@octokit/webhooks-types@4.12.0	None	0	158 kB	octokitbot
npm/@octokit/webhooks@9.17.0	None	+1	197 kB	octokitbot
npm/@popperjs/core@2.11.6	environment	0	1.63 MB	fezvrasta
npm/@probot/get-private-key@1.1.1	environment, filesystem	+1	19 kB	probotbot
npm/@probot/octokit-plugin-config@1.1.3	None	0	72 kB	probotbot
npm/@probot/pino@2.3.5	Transitive: environment, filesystem, network	+8	4.49 MB	probotbot
npm/@radix-ui/number@1.0.1	None	0	3.39 kB	benoitgrelard
npm/@radix-ui/primitive@1.0.1	None	0	5.88 kB	benoitgrelard
npm/@radix-ui/react-arrow@1.0.3	None	+3	79.4 kB	benoitgrelard
npm/@radix-ui/react-collection@1.0.3	None	+4	140 kB	benoitgrelard
npm/@radix-ui/react-direction@1.0.1	None	0	9.38 kB	benoitgrelard
npm/@radix-ui/react-dismissable-layer@1.0.5	None	+5	173 kB	benoitgrelard
npm/@radix-ui/react-dropdown-menu@2.0.6	None	+18	1 MB	benoitgrelard
npm/@radix-ui/react-label@2.0.2	None	+3	79.3 kB	benoitgrelard
npm/@radix-ui/react-popover@1.0.7	None	+16	558 kB	benoitgrelard
npm/@radix-ui/react-radio-group@1.1.3	None	+12	374 kB	benoitgrelard
npm/@radix-ui/react-select@2.0.0	None	+17	845 kB	benoitgrelard
npm/@radix-ui/react-switch@1.0.3	None	+9	198 kB	benoitgrelard
npm/@radix-ui/react-tabs@1.0.4	None	+10	327 kB	benoitgrelard
npm/@radix-ui/react-tooltip@1.0.7	None	+15	527 kB	benoitgrelard
npm/@segment/loosely-validate-event@2.0.0	None	0	133 kB	f2prateek
npm/@sqltools/formatter@1.2.3	None	0	73.3 kB	mtxr
npm/@stripe/react-stripe-js@2.4.0	None	0	522 kB	fruchtose-stripe
npm/@stripe/stripe-js@2.4.0	None	0	455 kB	pololi-stripe
npm/@tailwindcss/forms@0.5.5	None	0	77.3 kB	thecrypticace
npm/@tanstack/match-sorter-utils@8.7.6	None	0	267 kB	tannerlinsley
npm/@tanstack/query-async-storage-persister@4.29.19	Transitive: environment	+2	2.39 MB	tannerlinsley
npm/@tanstack/react-query-devtools@4.29.19	environment	0	1.59 MB	tannerlinsley
npm/@tanstack/react-query-persist-client@4.29.19	Transitive: environment	+2	2.41 MB	tannerlinsley
npm/@tanstack/react-query@4.29.19	environment	+1	3.54 MB	tannerlinsley
npm/@testdeck/core@0.3.3	None	0	83.8 kB	silkentrance
npm/@testdeck/mocha@0.3.3	None	0	30.4 kB	silkentrance
npm/@testing-library/dom@7.31.2	environment	+6	3.26 MB	testing-library-bot
npm/@testing-library/jest-dom@5.14.1	None	+2	187 kB	testing-library-bot
npm/@testing-library/react@11.2.7	environment	0	5.57 MB	testing-library-bot
npm/@testing-library/user-event@12.8.3	None	0	115 kB	testing-library-bot
npm/@types/analytics-node@3.1.9	None	0	6.38 kB	types
npm/@types/assert@1.5.6	None	0	7.75 kB	types
npm/@types/babel__core@7.20.1	None	+2	52.6 kB	types
npm/@types/babel__traverse@7.14.2	None	0	123 kB	types
npm/@types/base-64@1.0.0	None	0	3.66 kB	types
npm/@types/chai-subset@1.3.3	None	0	3.23 kB	types
npm/@types/chai@4.2.22	None	0	79.9 kB	types
npm/@types/cookie-parser@1.4.2	None	0	3.69 kB	types
npm/@types/cookie@0.4.1	None	0	8.98 kB	types
npm/@types/cookiejar@2.1.2	None	0	7.46 kB	types
npm/@types/cors@2.8.12	None	0	6.35 kB	types
npm/@types/deep-equal-in-any-order@1.0.1	None	0	2.96 kB	types
npm/@types/deep-equal@1.0.1	None	0	2.85 kB	types
npm/@types/eslint@8.44.2	None	+1	202 kB	types
npm/@types/events@3.0.0	None	0	3.78 kB	types
npm/@types/express-mysql-session@2.1.3	None	+1	31.2 kB	types
npm/@types/file-saver@2.0.5	None	0	7.3 kB	types
npm/@types/fs-extra@9.0.13	None	0	27.9 kB	types
npm/@types/glob@8.1.0	None	+1	19.2 kB	types
npm/@types/google-protobuf@3.15.5	None	0	110 kB	types
npm/@types/history@4.7.9	None	0	11.2 kB	types
npm/@types/http-errors@2.0.1	None	0	6.72 kB	types
npm/@types/http-proxy@1.17.11	None	0	14.7 kB	types
npm/@types/ioredis@4.27.8	None	0	92.4 kB	types
npm/@types/istanbul-lib-coverage@2.0.3	None	0	5.91 kB	types
npm/@types/jaeger-client@3.18.3	None	0	7.98 kB	types
npm/@types/jest@26.0.24	Transitive: environment	+10	408 kB	types
npm/@types/jest@27.0.2	None	0	71.2 kB	types
npm/@types/js-cookie@2.2.7	None	0	7.38 kB	types
npm/@types/js-yaml@3.12.10	None	0	8.22 kB	types
npm/@types/js-yaml@4.0.4	None	0	9.37 kB	types
npm/@types/json-schema@7.0.9	None	0	32.2 kB	types
npm/@types/lodash.debounce@4.0.6	None	0	3.33 kB	types
npm/@types/lodash@4.14.176	None	0	859 kB	types
npm/@types/lodash@4.17.4	None	0	863 kB	types
npm/@types/mocha@10.0.1	None	0	96.3 kB	types
npm/@types/mysql@2.15.19	None	0	26.1 kB	types
npm/@types/node-fetch@2.6.4	None	0	12.2 kB	types
npm/@types/oauth@0.9.1	None	0	10 kB	types
npm/@types/passport-oauth2@1.4.11	None	0	7.8 kB	types
npm/@types/passport@1.0.7	None	0	11.5 kB	types
npm/@types/pino-http@5.8.0	None	0	5.87 kB	types
npm/@types/pino@6.3.12	None	+2	57 kB	types
npm/@types/prop-types@15.7.4	None	0	6.55 kB	types
npm/@types/random-number-csprng@1.0.0	None	0	3.03 kB	types
npm/@types/react-datepicker@4.8.0	None	0	14.8 kB	types
npm/@types/react-dom@17.0.10	None	0	25.7 kB	types
npm/@types/react-portal@4.0.4	None	0	5.23 kB	types
npm/@types/react-router-dom@5.3.2	None	0	7.63 kB	types
npm/@types/react-router@5.1.17	None	0	19.8 kB	types
npm/@types/react@17.0.32	None	+1	186 kB	types
npm/@types/react@17.0.33	None	+1	186 kB	types
npm/@types/semver@7.5.0	None	0	23.7 kB	types
npm/@types/send@0.17.1	None	0	10.2 kB	types
npm/@types/setimmediate@1.0.2	None	0	3.54 kB	types
npm/@types/sharedworker@0.0.29	None	0	4.02 kB	types
npm/@types/superagent@4.1.16	None	0	12.3 kB	types
npm/@types/supertest@2.0.12	None	0	7.48 kB	types
npm/@types/trusted-types@2.0.3	None	0	8.97 kB	types
npm/@types/ua-parser-js@0.7.37	None	0	9.37 kB	types
npm/@types/uuid@8.3.1	None	0	6.13 kB	types
npm/@types/validator@13.7.12	None	0	67.2 kB	types
npm/@types/ws@8.5.5	None	0	22.1 kB	types
npm/@types/zen-observable@0.8.3	None	0	10.1 kB	types
npm/@typescript-eslint/eslint-plugin@5.62.0	Transitive: environment, filesystem	+5	3.9 MB	jameshenry
npm/@typescript-eslint/parser@5.62.0	Transitive: environment, filesystem	+4	1.4 MB	jameshenry
npm/@typescript-eslint/utils@5.62.0	Transitive: environment, filesystem	+6	2.3 MB	jameshenry
npm/@useorbital/client-types@1.6.0	None	0	6.7 kB	lostinpatterns
npm/@webassemblyjs/ast@1.11.6	None	0	117 kB	xtuc
npm/@webassemblyjs/wasm-parser@1.11.6	None	0	67 kB	xtuc
npm/abab@2.0.5	None	0	11.1 kB	jeffcarp
npm/abort-controller-x@0.4.0	None	0	176 kB	aikoven
npm/accepts@1.3.7	None	0	16.6 kB	dougwilson
npm/address@1.2.2	environment, filesystem, shell	0	13 kB	fengmk2
npm/analytics-node@6.0.0	None	+1	60.1 kB	segment-admin
npm/ansi-color@0.2.1	None	0	4.93 kB
npm/ansi-colors@4.1.1	environment	0	24.4 kB	jonschlinkert
npm/ansi-escapes@4.3.2	None	+1	135 kB	sindresorhus
npm/anymatch@3.1.2	None	0	9.54 kB	paulmillr
npm/app-root-path@3.0.0	environment, unsafe	0	20.3 kB	inxilpro
npm/aria-hidden@1.2.3	None	0	30 kB	kashey
npm/array-includes@3.1.6	None	0	25 kB	ljharb
npm/arrify@2.0.1	None	0	3.19 kB	sindresorhus
npm/asap@2.0.6	None	0	33.9 kB	kriskowal
npm/asn1.js@5.4.1	None	0	49.8 kB	indutny
npm/async-batch@1.1.2	None	0	7.69 kB	sergelerator
npm/autoprefixer@10.4.19	environment	+1	285 kB	ai
npm/axios@0.21.4	environment, network	0	375 kB	jasonsaayman
npm/base-64@1.0.0	None	0	10.9 kB	mathias
npm/base64-js@1.5.1	None	0	9.62 kB	feross
npm/base64url@3.0.1	None	0	7.55 kB	brianloveswords
npm/before-after-hook@2.2.2	None	0	37 kB	gr2m
npm/bignumber.js@9.1.2	None	0	351 kB	mikemcl
npm/bitbucket@2.7.0	None	+1	471 kB	muniftanjim
npm/bluebird@3.7.2	environment, eval, unsafe	0	632 kB	esailija
npm/bn.js@4.12.0	None	0	95.7 kB	fanatid
npm/body-parser@1.19.2	network	0	57.4 kB	dougwilson
npm/expect@1.20.2	eval	+1	221 kB	mjackson
npm/js-yaml@3.14.1	eval Transitive: environment, filesystem	+1	408 kB	vitaly
npm/long@4.0.0	None	0	177 kB	dcode
npm/minimatch@9.0.4	environment	+2	453 kB	isaacs
npm/passport@0.4.1	network	0	46.2 kB	jaredhanson
npm/pretty-bytes@6.1.1	None	0	11.3 kB	sindresorhus
npm/react-dom@17.0.2	environment	+1	3.1 MB	gaearon
npm/tailwindcss@3.4.4	environment, filesystem Transitive: unsafe	+3	7.59 MB	adamwathan
npm/xterm@5.4.0-beta.37	None	0	2.36 MB	tyriar

🚮 Removed packages: npm/browser-stdout@1.3.1, npm/browserslist@4.21.10, npm/camelcase@6.3.0, npm/caniuse-lite@1.0.30001521, npm/chalk@2.4.2, npm/commandpost@1.4.0, npm/console-control-strings@1.1.0, npm/convert-source-map@1.8.0, npm/cosmiconfig@7.0.1, npm/css-loader@6.8.1, npm/debug@4.3.2, npm/deep-is@0.1.4, npm/detect-libc@2.0.1, npm/diff@4.0.2, npm/dotenv@10.0.0, npm/electron-to-chromium@1.4.495, npm/escape-string-regexp@1.0.5, npm/eslint-config-react-app@7.0.1, npm/eslint-visitor-keys@2.1.0, npm/eslint@8.57.0, npm/espree@9.6.1, npm/fast-levenshtein@2.0.6, npm/find-up@5.0.0, npm/fraction.js@4.2.0, npm/fs-extra@10.0.0, npm/glob-parent@6.0.2, npm/glob@7.2.0, npm/has-bigints@1.0.2, npm/has-symbols@1.0.3, npm/has@1.0.3, npm/ignore@5.2.4, npm/import-fresh@3.3.0, npm/inherits@2.0.4, npm/is-bigint@1.0.4, npm/is-boolean-object@1.1.2, npm/is-callable@1.2.7, npm/is-core-module@2.8.0, npm/is-date-object@1.0.5, npm/is-glob@4.0.3, npm/is-regex@1.1.4, npm/is-string@1.0.7, npm/is-symbol@1.0.4, npm/is-unicode-supported@0.1.0, npm/is-weakref@1.0.2, npm/isarray@2.0.5, npm/jest-resolve@27.5.1, npm/js-tokens@4.0.0, npm/js-yaml@4.1.0, npm/json5@2.2.3, npm/json@11.0.0, npm/jsx-ast-utils@3.3.5, npm/lodash.debounce@4.0.8, npm/lodash@4.17.21, npm/long@5.2.3, npm/loose-envify@1.4.0, npm/merge2@1.4.1, npm/methods@1.1.2, npm/mime@1.6.0, npm/minimatch@3.0.5, npm/minimist@1.2.8, npm/ms@2.1.2, npm/mz@2.7.0, npm/nanoid@3.3.7, npm/node-releases@2.0.13, npm/object-assign@4.1.1, npm/object-keys@1.1.1, npm/once@1.4.0, npm/p-limit@3.1.0, npm/parse-json@5.2.0, npm/parseurl@1.3.3, npm/path-to-regexp@0.1.7, npm/pirates@4.0.6, npm/postcss-value-parser@4.2.0, npm/postcss@8.4.38, npm/protobufjs@7.3.0, npm/punycode@2.1.1, npm/range-parser@1.2.1, npm/react-dom@18.3.1, npm/react-scripts@5.0.1, npm/react@18.3.1, npm/regenerator-runtime@0.13.9, npm/resolve@1.20.0, npm/rimraf@3.0.2, npm/safe-buffer@5.1.2, npm/scheduler@0.23.2, npm/semver@6.3.1, npm/setprototypeof@1.2.0, npm/string-width@4.2.3, npm/strip-ansi@6.0.1, npm/strip-json-comments@3.1.1, npm/supports-color@5.5.0, npm/toidentifier@1.0.1, npm/ts-node@10.9.1, npm/type-check@0.4.0, npm/type-detect@4.0.8, npm/type-is@1.6.18, npm/typescript@4.4.4, npm/unbox-primitive@1.0.2, npm/unpipe@1.0.0, npm/update-browserslist-db@1.0.11, npm/util-deprecate@1.0.2, npm/utils-merge@1.0.1, npm/vary@1.1.2, npm/webpack-merge@5.9.0, npm/which-boxed-primitive@1.0.2, npm/yaml@1.10.2, npm/yargs@17.7.2

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/core-js-pure@3.32.0	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	orphan: npm/core-js-pure@3.32.0
Install scripts	npm/core-js-pure@3.19.0	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	Source

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/core-js-pure@3.32.0
• @SocketSecurity ignore npm/core-js-pure@3.19.0