[Snyk] Security upgrade algoliasearch from 3.35.1 to 4.0.0

[dotam99]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[guardrails]

⚠️ We detected 974 security issues in this pull request:

Mode: paranoid | Total findings: 974 | Considered vulnerability: 974

Insecure File Management (206)

Docs	Details
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/all-products.js Line 9 in 0ac5d95 const { data } = frontmatter(fs.readFileSync(homepage, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/all-products.js Line 20 in 0ac5d95 if (!fs.existsSync(dir)) return
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/all-products.js Line 23 in 0ac5d95 const { data } = frontmatter(fs.readFileSync(toc, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/built-asset-urls.js Line 7 in 0ac5d95 const buffer = fs.readFileSync(absFilePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/data-directory.js Line 44 in 0ac5d95 filename => [filename, fs.readFileSync(filename, 'utf8')]
💡	Title: Use of non-literal require, Severity: High docs/lib/instrument-middleware.js Line 8 in 0ac5d95 const middleware = require(path.resolve(__dirname, '../middleware', relativePath))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/layouts.js Line 14 in 0ac5d95 const content = fs.readFileSync(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 19 in 0ac5d95 if (!fs.existsSync(path.join(dist, 'react'))) {
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 20 in 0ac5d95 fs.mkdirSync(path.join(dist, 'react'), { recursive: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 22 in 0ac5d95 const content = transform(fs.readFileSync(file.path, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/react/engine.js Line 23 in 0ac5d95 fs.writeFileSync(path.join(dist, file.path), content)
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/readfile-async.js Line 6 in 0ac5d95 module.exports = util.promisify(fs.readFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/rest/index.js Line 6 in 0ac5d95 fs.readdirSync(schemasPath)
💡	Title: Use of non-literal require, Severity: High docs/lib/rest/index.js Line 9 in 0ac5d95 const value = require(path.join(schemasPath, filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/lunr-get-index-names.js Line 5 in 0ac5d95 return await fs.readdir(path.join(__dirname, 'indexes'))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/lunr-search-index.js Line 78 in 0ac5d95 .then(content => fs.writeFile(
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/lunr-search-index.js Line 88 in 0ac5d95 .then(content => fs.writeFile(
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/sync.js Line 80 in 0ac5d95 fs.writeFileSync(cacheFile, JSON.stringify(index, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/search/sync.js Line 100 in 0ac5d95 fs.writeFileSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/lib/webhooks/index.js Line 11 in 0ac5d95 const versions = fs.readdirSync(staticDir)
💡	Title: Use of non-literal require, Severity: High docs/lib/webhooks/index.js Line 22 in 0ac5d95 set(payloadsPerVersion, payloadPath, formatAsJsonCodeBlock(require(payloadFile)))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/clone-for-build.js Line 123 in 0ac5d95 if (fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 41 in 0ac5d95 dirStats = fs.statSync(earlyAccessLocalRepoDir)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 86 in 0ac5d95 if (!fs.existsSync(sourceDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 92 in 0ac5d95 fs.symlinkSync(sourceDir, destDir, 'junction')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 95 in 0ac5d95 if (!fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 98 in 0ac5d95 if (!fs.lstatSync(destDir).isSymbolicLink()) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/symlink-from-local-repo.js Line 101 in 0ac5d95 if (!fs.statSync(destDir).isDirectory()) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 37 in 0ac5d95 if (!fs.existsSync(earlyAccessContentAndDataFiles)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 51 in 0ac5d95 const oldContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 111 in 0ac5d95 fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 131 in 0ac5d95 if (!fs.existsSync(variablePath)) return false
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 134 in 0ac5d95 const variableFileContent = yaml.safeLoad(fs.readFileSync(variablePath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 148 in 0ac5d95 return fs.existsSync(`${path.posix.join(earlyAccessData, reusablePath)}.md`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/update-data-and-image-paths.js Line 158 in 0ac5d95 return fs.existsSync(path.posix.join(earlyAccessImages, imagePath))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 89 in 0ac5d95 await fs
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 115 in 0ac5d95 if (!fs.existsSync(fullPathToArchivalRepo)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 143 in 0ac5d95 fs.mkdirSync(finalDirectory, { recursive: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 166 in 0ac5d95 fs.renameSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/archive-version.js Line 200 in 0ac5d95 fs.writeFileSync(path.posix.join(finalDirectory, 'redirects.json'), JSON.stringify(redirectsPerVersion, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/remove-static-files.js Line 41 in 0ac5d95 fs.readdirSync(dir)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-deprecations/remove-version-markup.js Line 65 in 0ac5d95 require(path.join(process.cwd(), removeUnusedAssetsScript))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/remove-version-markup.js Line 73 in 0ac5d95 const oldContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-deprecations/remove-version-markup.js Line 103 in 0ac5d95 fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 45 in 0ac5d95 if (!fs.existsSync(newSchemaFile)) {
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 55 in 0ac5d95 const previews = require(previewsFile)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 56 in 0ac5d95 const changes = require(changesFile)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 57 in 0ac5d95 const objects = require(objectsFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 85 in 0ac5d95 fs.writeFileSync(previewsFile, JSON.stringify(previews, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 86 in 0ac5d95 fs.writeFileSync(changesFile, JSON.stringify(changes, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 87 in 0ac5d95 fs.writeFileSync(objectsFile, JSON.stringify(objects, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 95 in 0ac5d95 fs.readdirSync(srcDir).forEach(file => {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 102 in 0ac5d95 if (!fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-graphql-files.js Line 107 in 0ac5d95 if (!fs.readdirSync(destDir).length) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 50 in 0ac5d95 if (!fs.existsSync(oldDereferencedFile)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 55 in 0ac5d95 const oldDereferencedContent = fs.readFileSync(oldDereferencedFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 63 in 0ac5d95 fs.writeFileSync(newDereferencedFile, newDereferenceContent)
💡	Title: Use of non-literal require, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 66 in 0ac5d95 const dereferencedSchema = require(path.join(process.cwd(), newDereferencedFile))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-rest-files.js Line 75 in 0ac5d95 fs.writeFileSync(newDecoratedFile, JSON.stringify(operations, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-webhook-files.js Line 45 in 0ac5d95 fs.readdirSync(srcDir).forEach(file => {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-webhook-files.js Line 52 in 0ac5d95 if (!fs.existsSync(destDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/create-webhook-files.js Line 57 in 0ac5d95 if (!fs.readdirSync(destDir).length) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 99 in 0ac5d95 const dataContent = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 107 in 0ac5d95 fs.writeFileSync(file, newDataContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 113 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/ghes-to-ghae-versioning.js Line 136 in 0ac5d95 fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/release-banner.js Line 41 in 0ac5d95 const releaseCandidateData = yaml.safeLoad(fs.readFileSync(releaseCandidateYaml, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/enterprise-server-releases/release-banner.js Line 53 in 0ac5d95 fs.writeFileSync(releaseCandidateYaml, yaml.safeDump(releaseCandidateData))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/fix-translation-errors.js Line 94 in 0ac5d95 fs.writeFileSync(localisedAbsPath, toWrite)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/get-new-dotcom-path.js Line 30 in 0ac5d95 if (fs.existsSync(categoryDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/build-changelog.js Line 18 in 0ac5d95 const previousChangelogString = fs.readFileSync(targetPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/build-changelog.js Line 23 in 0ac5d95 fs.writeFileSync(targetPath, JSON.stringify(previousChangelog, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 74 in 0ac5d95 const previousUpcomingChanges = yaml.safeLoad(fs.readFileSync(upcomingChangesPath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 82 in 0ac5d95 const previousSchemaString = fs.readFileSync(schemaPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 192 in 0ac5d95 fs.writeFileSync(filepath, content, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 204 in 0ac5d95 fs.writeFileSync(tempSchemaFilePath, latestSchema)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/update-files.js Line 206 in 0ac5d95 fs.unlinkSync(tempSchemaFilePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/utils/prerender-input-objects.js Line 8 in 0ac5d95 const inputObjectIncludeFile = fs.readFileSync(path.join(includes, 'graphql-input-object.html'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/graphql/utils/prerender-objects.js Line 8 in 0ac5d95 const objectIncludeFile = fs.readFileSync(path.join(includes, 'graphql-object.html'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 30 in 0ac5d95 assert(fs.existsSync(oldCategoryDir), `directory does not exist: ${oldCategoryDir}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 50 in 0ac5d95 if (!fs.existsSync(productDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 67 in 0ac5d95 fs.writeFileSync(productTocPath, matter.stringify(content, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 72 in 0ac5d95 const tocContents = fs.readFileSync(oldProductTocPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 79 in 0ac5d95 fs.writeFileSync(oldProductTocPath, matter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 87 in 0ac5d95 const articleContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-category-to-product.js Line 99 in 0ac5d95 fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-reusables-to-markdown.js Line 28 in 0ac5d95 const fileContent = fs.readFileSync(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/move-reusables-to-markdown.js Line 35 in 0ac5d95 fs.writeFileSync(markdownFilename, value)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/purge-fastly-by-url.js Line 43 in 0ac5d95 if (batchFile && !fs.existsSync(batchFile)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/purge-fastly-by-url.js Line 54 in 0ac5d95 fs.readFileSync(batchFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 44 in 0ac5d95 const contents = fs.readFileSync(categoryIndex, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 81 in 0ac5d95 fs.writeFileSync(categoryIndex, frontmatter.stringify(content, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 84 in 0ac5d95 for (const articleFileName of fs.readdirSync(categoryDirPath)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 101 in 0ac5d95 const articleContents = fs.readFileSync(articlePath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 111 in 0ac5d95 fs.writeFileSync(articlePath, frontmatter.stringify(articleContent, articleData, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 119 in 0ac5d95 const productIndexContents = fs.readFileSync(productIndexPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 122 in 0ac5d95 fs.writeFileSync(productIndexPath, frontmatter.stringify(revisedProductIndex, productIndexData, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-category-dirs-with-ids.js Line 127 in 0ac5d95 fs.renameSync(categoryDirPath, newPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-filenames-with-ids.js Line 37 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(oldFullPath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reconcile-filenames-with-ids.js Line 77 in 0ac5d95 fs.writeFileSync(newFullPath, frontmatter.stringify(content, data))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/remove-extraneous-translation-files.js Line 21 in 0ac5d95 fs.unlinkSync(file)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/remove-unused-assets.js Line 39 in 0ac5d95 : fs.unlinkSync(reusablePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/remove-unused-assets.js Line 50 in 0ac5d95 : fs.unlinkSync(imagePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-enterprise-dates.js Line 7 in 0ac5d95 const enterpriseDatesString = fs.readFileSync(enterpriseDatesFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-enterprise-dates.js Line 41 in 0ac5d95 fs.writeFileSync(enterpriseDatesFile, formattedDatesString)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-internal-links.js Line 66 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-internal-links.js Line 177 in 0ac5d95 fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-readme.js Line 43 in 0ac5d95 const readmeComment = fs.readFileSync(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-readme.js Line 78 in 0ac5d95 if (template === fs.readFileSync(readme, 'utf8')) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-readme.js Line 81 in 0ac5d95 fs.writeFileSync(readme, template)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 20 in 0ac5d95 const content = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 25 in 0ac5d95 fs.writeFileSync(file, newContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 30 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/update-versioning-in-files.js Line 62 in 0ac5d95 fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/category-pages.js Line 47 in 0ac5d95 const contents = fs.readFileSync(productIndex, 'utf8') // TODO move to async
💡	Title: Use of non-literal require, Severity: High docs/middleware/contextualizers/graphql.js Line 26 in 0ac5d95 schemaForCurrentVersion: require(`../../lib/graphql/static/schema-${graphqlVersion}`),
💡	Title: Use of non-literal require, Severity: High docs/middleware/contextualizers/webhooks.js Line 3 in 0ac5d95 const webhookPayloads = require(path.join(process.cwd(), 'lib/webhooks'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/backfill-missing-localizations.js Line 30 in 0ac5d95 if (!fs.existsSync(fullPath)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/backfill-missing-localizations.js Line 34 in 0ac5d95 fs.writeFileSync(fullPath, fs.readFileSync(englishFullPath))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/check-english-links.js Line 76 in 0ac5d95 fs.appendFileSync(logFile, JSON.stringify(result) + '\n')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/add-tags-to-articles.js Line 42 in 0ac5d95 const articleContents = fs.readFileSync(filePath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/add-tags-to-articles.js Line 61 in 0ac5d95 fs.writeFileSync(filePath, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 40 in 0ac5d95 if (fs.existsSync(existingFileToCompare)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 54 in 0ac5d95 const existingImageToCompare = await fs.readFileSync(existingFileToCompare)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 55 in 0ac5d95 const enterpriseImage = await fs.readFileSync(file)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/deduplicate-enterprise-assets.js Line 63 in 0ac5d95 if (compareResult === 0) fs.unlinkSync(file)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 29 in 0ac5d95 if (!fs.existsSync(existingFileToCompare)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 31 in 0ac5d95 if (!fs.existsSync(newDirectoryName)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 32 in 0ac5d95 fs.mkdirSync(newDirectoryName, { recursive: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/move-unique-image-assets.js Line 34 in 0ac5d95 fs.renameSync(file, existingFileToCompare)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-html-comments-from-index-files.js Line 12 in 0ac5d95 const newContents = fs.readFileSync(file, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-html-comments-from-index-files.js Line 14 in 0ac5d95 fs.writeFileSync(file, newContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 27 in 0ac5d95 let categoryIndexContent = fs.readFileSync(categoryIndexFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 55 in 0ac5d95 if (!fs.existsSync(oldTopicFile)) continue
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 57 in 0ac5d95 if (!fs.existsSync(newTopicDirectory)) fs.mkdirSync(newTopicDirectory)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 59 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(oldTopicFile, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 74 in 0ac5d95 if (!fs.existsSync(`${oldTopicDirectory}/${article}.md`)) return
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 78 in 0ac5d95 fs.renameSync(`${oldTopicDirectory}/${article}.md`, newArticlePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 81 in 0ac5d95 const articleContents = frontmatter(fs.readFileSync(newArticlePath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 85 in 0ac5d95 fs.writeFileSync(newArticlePath, frontmatter.stringify(articleContents.content.trim(), articleContents.data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 89 in 0ac5d95 fs.writeFileSync(`${newTopicDirectory}/index.md`, frontmatter.stringify(topicContent.trim(), data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 92 in 0ac5d95 fs.writeFileSync(categoryIndexFile, categoryIndexContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-map-topics.js Line 95 in 0ac5d95 fs.unlinkSync(oldTopicFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 160 in 0ac5d95 if (fs.existsSync(imagePath)) fs.unlinkSync(imagePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 165 in 0ac5d95 if (fs.existsSync(imagePath)) fs.unlinkSync(imagePath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 188 in 0ac5d95 fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 195 in 0ac5d95 fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 202 in 0ac5d95 fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 208 in 0ac5d95 fs.unlinkSync(imageFullPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/remove-unused-assets.js Line 223 in 0ac5d95 fs.unlinkSync(path.join(process.cwd(), directoryImage))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-developer-site-links.js Line 30 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(file, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-developer-site-links.js Line 72 in 0ac5d95 fs.writeFileSync(file, frontmatter.stringify(newContent, data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-tocs.js Line 39 in 0ac5d95 const { data, content } = frontmatter(fs.readFileSync(indexFile, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/content-migrations/update-tocs.js Line 76 in 0ac5d95 fs.writeFileSync(indexFile, frontmatter.stringify('', data, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/create-glossary-from-spreadsheet.js Line 14 in 0ac5d95 const glossary = yaml.safeLoad(fs.readFileSync(inputFile, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/create-glossary-from-spreadsheet.js Line 28 in 0ac5d95 fs.writeFileSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/script/create-glossary-from-spreadsheet.js Line 33 in 0ac5d95 fs.writeFileSync(
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/clone-for-build.js Line 114 in 0ac5d95 if (!fs.existsSync(sourceDir)) {
💡	Title: Use of non-literal fs filename, Severity: High docs/script/early-access/clone-for-build.js Line 120 in 0ac5d95 fs.renameSync(sourceDir, destDir)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 34 in 0ac5d95 assert(fs.existsSync(translationFilePath), `file does not exist: ${translationFilePath}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 38 in 0ac5d95 assert(fs.existsSync(englishFile), `file does not exist: ${englishFile}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 41 in 0ac5d95 const englishContent = fs.readFileSync(englishFile, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 42 in 0ac5d95 fs.writeFileSync(translationFilePath, englishContent)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/reset-translated-file.js Line 50 in 0ac5d95 const relativePath = fs.existsSync(pathArg)
💡	Title: Use of non-literal require, Severity: High docs/script/rest/openapi-check.js Line 24 in 0ac5d95 const schemas = files.map(filename => require(filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 11 in 0ac5d95 const schemas = fs.readdirSync(dereferencedPath)
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 33 in 0ac5d95 if (!fs.existsSync(githubRepoDir)) {
💡	Title: Use of non-literal require, Severity: High docs/script/rest/update-files.js Line 78 in 0ac5d95 const schema = require(path.join(dereferencedPath, filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 80 in 0ac5d95 fs.writeFileSync(path.join(dereferencedPath, filename), JSON.stringify(schema, null, 2))
💡	Title: Use of non-literal require, Severity: High docs/script/rest/update-files.js Line 88 in 0ac5d95 const schema = require(path.join(dereferencedPath, filename))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/rest/update-files.js Line 104 in 0ac5d95 fs.writeFileSync(filename, JSON.stringify(operations, null, 2))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/standardize-frontmatter-order.js Line 30 in 0ac5d95 const { content, data } = matter(fs.readFileSync(fullPath, 'utf8'))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/standardize-frontmatter-order.js Line 36 in 0ac5d95 fs.writeFileSync(fullPath, matter.stringify(content, newData, { lineWidth: 10000 }))
💡	Title: Use of non-literal fs filename, Severity: High docs/script/test-render-translation.js Line 54 in 0ac5d95 const fileContents = await fs.promises.readFile(fullPath, 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/category-pages.js Line 54 in 0ac5d95 .filter(link => fs.existsSync(getPath(productDir, link, 'index')))
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/category-pages.js Line 99 in 0ac5d95 const childEntries = await fs.promises.readdir(categoryDir, { withFileTypes: true })
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/gitignore.js Line 4 in 0ac5d95 const gitignore = fs.readFileSync(gitignorePath, 'utf8')
💡	Title: Use of non-literal require, Severity: High docs/tests/content/graphql.js Line 23 in 0ac5d95 const schemaJsonPerVersion = require(`../../lib/graphql/static/schema-${version}`)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/site-data-references.js Line 110 in 0ac5d95 await fs.stat(filepath)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/site-data.js Line 48 in 0ac5d95 await fs.writeFile(newFile, 'newvalue: bar')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/content/site-data.js Line 52 in 0ac5d95 await fs.unlink(newFile)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/graphql/build-changelog-test.js Line 126 in 0ac5d95 await fs.writeFile(testTargetPath, previousContents)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/helpers/crowdin-config.js Line 7 in 0ac5d95 return yaml.load(fs.readFileSync(filename, 'utf8'), { filename })
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/meta/orphan-tests.js Line 12 in 0ac5d95 const testDirectory = await fs.readdir(pathToTests)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/meta/orphan-tests.js Line 21 in 0ac5d95 await fs.stat(
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/rendering/rest.js Line 20 in 0ac5d95 const filenames = (await fs.readdir(referenceDir))
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/actions-workflows.js Line 7 in 0ac5d95 const workflows = fs.readdirSync(workflowsDir)
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/actions-workflows.js Line 11 in 0ac5d95 const data = yaml.load(fs.readFileSync(fullpath, 'utf8'), { fullpath })
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/early-access.js Line 8 in 0ac5d95 expect(await fs.stat(eaDir)).toBeTruthy()
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/early-access.js Line 13 in 0ac5d95 expect(await fs.stat(eaDir)).toBeTruthy()
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/early-access.js Line 18 in 0ac5d95 expect(await fs.stat(eaDir)).toBeTruthy()
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/get-rss-feeds.js Line 6 in 0ac5d95 const rssFeedContent = fs.readFileSync(path.join(process.cwd(), 'tests/fixtures/rss-feed.xml'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/search/parse-page-sections-into-records.js Line 6 in 0ac5d95 pageWithSections: fs.readFileSync(path.join(__dirname, 'fixtures/page-with-sections.html'), 'utf8'),
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/search/parse-page-sections-into-records.js Line 7 in 0ac5d95 pageWithoutSections: fs.readFileSync(path.join(__dirname, 'fixtures/page-without-sections.html'), 'utf8')
💡	Title: Use of non-literal fs filename, Severity: High docs/tests/unit/search/topics.js Line 12 in 0ac5d95 const fileContent = fs.readFileSync(filename, 'utf8')
💡	Title: Path Traversal from user input, Severity: High docs/middleware/contextualizers/rest.js Line 14 in 0ac5d95 '/developers/apps'
💡	Title: Path Traversal from user input, Severity: High docs/lib/rewrite-local-links.js Line 40 in 0ac5d95 newHref = path.join('/', languageCode, href)
💡	Title: Path Traversal from user input, Severity: High docs/lib/rewrite-local-links.js Line 47 in 0ac5d95 newHref = path.join('/', languageCode, href)
💡	Title: Path Traversal from user input, Severity: High docs/middleware/early-access-breadcrumbs.js Line 63 in 0ac5d95 const mapTopicOrArticlePath = path.posix.join(categoryPath, pathParts[2])
💡	Title: Path Traversal from user input, Severity: High docs/middleware/early-access-breadcrumbs.js Line 50 in 0ac5d95 const categoryPath = removeFPTFromPath(path.posix.join('/', 'en', req.context.currentVersion, 'early-access', pathParts[0], pathParts[1]))
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 35 in 0ac5d95 title: product.title
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 49 in 0ac5d95 const categoryPath = removeFPTFromPath(path.posix.join('/', req.context.currentLanguage, req.context.currentVersion, productPath, pathParts[1]))
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 21 in 0ac5d95 const productPath = path.posix.join('/', req.context.currentProduct)
💡	Title: Path Traversal from user input, Severity: High docs/middleware/breadcrumbs.js Line 34 in 0ac5d95 href: removeFPTFromPath(path.posix.join('/', req.context.currentLanguage, req.context.currentVersion, productPath)),
💡	Title: Path Traversal from user input, Severity: High docs/middleware/archived-enterprise-versions-assets.js Line 22 in 0ac5d95 const proxyPath = path.join('/', requestedVersion, assetPath)
💡	Title: Path Traversal from user input, Severity: High docs/lib/get-link-data.js Line 37 in 0ac5d95 const href = removeFPTFromPath(path.join('/', context.currentLanguage, version, linkPath))

More info on how to fix Insecure File Management in JavaScript.

---

Insecure Use of Regular Expressions (34)

Docs	Details
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 12 in 0ac5d95 enterprise: /\/enterprise(?:\/|$|\?)(\d+\.\d+)?/,
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 13 in 0ac5d95 admin: /enterprise\/(\d+\.\d+\/)?admin\/?/,
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 14 in 0ac5d95 gheUser: /enterprise\/(\d+\.\d+\/)?user(\/|$|\?)/,
💡	Title: Regex DOS (ReDOS), Severity: Medium docs/lib/patterns.js Line 15 in 0ac5d95 enterpriseHomepage: /\/enterprise\/?(\d+\.\d+)?$/,

---

This comment has been truncated due to comment length limitations, please go to the dashboard for further details.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.