The web framework for content-driven websites. ⭐️ Star to support our work!
330 matches across 9 categories. Click a row to expand file-level details.
| Severity | File | Line | Snippet |
|---|---|---|---|
| LOW | scripts/cmd/build.js | 168 | async function getInternalPackageVersion(path) { |
| LOW | scripts/cmd/build.js | 172 | async function getWorkspacePackageVersion(packageName) { |
| LOW | packages/internal-helpers/src/path.ts | 20 | export function collapseDuplicateLeadingSlashes(path: string) { |
| LOW | packages/internal-helpers/src/path.ts | 38 | export function collapseDuplicateTrailingSlashes(path: string, trailingSlash: boolean) { |
| LOW | packages/internal-helpers/src/path.ts | 45 | export function removeTrailingForwardSlash(path: string) { |
| LOW | packages/internal-helpers/src/path.ts | 49 | export function removeLeadingForwardSlash(path: string) { |
| LOW | packages/internal-helpers/src/path.ts | 53 | export function removeLeadingForwardSlashWindows(path: string) { |
| LOW | packages/internal-helpers/src/shiki.ts | 94 | export function clearShikiHighlighterCache(): void { |
| LOW | packages/internal-helpers/src/shiki.ts | 162 | async function createShikiHighlighterInternal({ |
| LOW | packages/upgrade/src/actions/verify.ts | 190 | function extractChangelogURLFromRepository( |
| LOW | packages/markdown/remark/CHANGELOG.md | 1013 | export function remarkInjectSocialImagePlugin() { |
| LOW | packages/markdown/remark/CHANGELOG.md | 1189 | export function remarkInjectSocialImagePlugin() { |
| LOW | packages/markdown/remark/src/rehype-collect-headings.ts | 86 | function getMdxFrontmatterVariablePath(node: MdxTextExpression): string[] | Error { |
| LOW | packages/markdown/remark/src/rehype-collect-headings.ts | 118 | function getMdxFrontmatterVariableValue(frontmatter: Record<string, any>, path: string[]) { |
| LOW | packages/markdown/satteri/src/satteri-processor.ts | 27 | export function createCollectImagesPlugin( |
| LOW | packages/markdown/satteri/src/satteri-processor.ts | 51 | function resolveFrontmatterExpression( |
| LOW | packages/markdown/satteri/src/satteri-processor.ts | 220 | export async function createSatteriMarkdownProcessor( |
| LOW | packages/language-tools/ts-plugin/src/frontmatter.ts | 36 | export function getFrontmatterLanguagePlugin( |
| LOW | …uage-tools/language-server/src/languageServerPlugin.ts | 36 | export function getLanguageServicePlugins( |
| LOW | packages/language-tools/language-server/src/utils.ts | 5 | export function getLanguageServerTypesDir(ts: typeof import('typescript')) { |
| LOW | …ges/language-tools/language-server/src/core/parseJS.ts | 38 | function moduleScriptToVirtualCode(script: TSXExtractedScript, index: number): VirtualCode { |
| LOW | …s/language-tools/language-server/src/core/parseHTML.ts | 73 | function shouldBlankStartOrEndTagLike(offset: number) { |
| LOW | …e-tools/language-server/src/core/frontmatterHolders.ts | 41 | export function getFrontmatterLanguagePlugin( |
| LOW | …es/language-tools/language-server/src/core/parseCSS.ts | 18 | function mergeCSSContextsByLanguage(inlineStyles: TSXExtractedStyle[]): VirtualCode[] { |
| LOW | …es/language-tools/language-server/src/core/parseCSS.ts | 56 | function createVirtualCodeForLanguage(code: Segment<CodeInformation>[], lang: string): VirtualCode { |
| LOW | …es/language-tools/language-server/src/plugins/astro.ts | 61 | function compilerMessageToDiagnostic(message: DiagnosticMessage): Diagnostic { |
| LOW | …es/language-tools/language-server/src/plugins/utils.ts | 55 | export function ensureProperEditForFrontmatter( |
| LOW | …es/language-tools/language-server/src/plugins/utils.ts | 82 | export function ensureRangeIsInFrontmatter( |
| LOW | …es/language-tools/language-server/src/plugins/utils.ts | 149 | export function editShouldBeInFrontmatter( |
| LOW | …/language-server/src/plugins/typescript/codeActions.ts | 7 | export function enhancedProvideCodeActions( |
| LOW | …/language-server/src/plugins/typescript/codeActions.ts | 14 | export function enhancedResolveCodeAction(codeAction: CodeAction, context: LanguageServiceContext) { |
| LOW | …-tools/language-server/src/plugins/typescript/utils.ts | 11 | export function isAstroComponentImportSource(source: string | undefined): source is string { |
| LOW | …-tools/language-server/src/plugins/typescript/utils.ts | 15 | export function stripAstroComponentSuffix(name: string) { |
| LOW | …-tools/language-server/src/plugins/typescript/utils.ts | 38 | export function getAlreadyImportedAstroComponentSources( |
| LOW | …/language-server/src/plugins/typescript/completions.ts | 17 | export function enhancedProvideCompletionItems( |
| LOW | …/language-server/src/plugins/typescript/completions.ts | 60 | export function enhancedResolveCompletionItem( |
| LOW | …/language-server/src/plugins/typescript/completions.ts | 91 | function rewriteAstroComponentCompletion(completion: CompletionItem) { |
| LOW | …/language-server/src/plugins/typescript/completions.ts | 112 | function getDetailForFileCompletion(detail: string, source: string): string { |
| LOW | …/language-server/src/plugins/typescript/diagnostics.ts | 16 | export function enhancedProvideSemanticDiagnostics( |
| LOW | …/language-server/src/plugins/typescript/diagnostics.ts | 112 | function isNoJsxCannotHaveMultipleAttrsError(diagnostic: Diagnostic) { |
| LOW | …/language-server/src/plugins/typescript/diagnostics.ts | 121 | function isNoCantReturnOutsideFunction(diagnostic: Diagnostic) { |
| LOW | packages/underscore-redirects/src/astro.ts | 62 | export function createRedirectsFromAstroRoutes({ |
| LOW | packages/underscore-redirects/src/astro.ts | 208 | export function createHostedRouteDefinition( |
| LOW | packages/create-astro/src/actions/template.ts | 16 | export function removeTemplateMarkerSections(content: string): string { |
| LOW | packages/integrations/mdx/CHANGELOG.md | 1375 | export function remarkInjectSocialImagePlugin() { |
| LOW | packages/integrations/mdx/CHANGELOG.md | 1516 | export function remarkInjectSocialImagePlugin() { |
| LOW | …ntegrations/mdx/src/rehype-apply-frontmatter-export.ts | 19 | export function rehypeApplyFrontmatterExport() { |
| LOW | …es/integrations/mdx/src/vite-plugin-mdx-postprocess.ts | 48 | export function injectUnderscoreFragmentImport(code: string, imports: readonly ImportSpecifier[]) { |
| LOW | …ckages/integrations/mdx/src/rehype-collect-headings.ts | 4 | export function rehypeInjectHeadingsExport() { |
| LOW | …ges/integrations/mdx/src/rehype-images-to-component.ts | 52 | function getImageComponentAttributes(props: Properties): MdxJsxAttribute[] { |
| LOW | packages/integrations/mdx/src/rehype-optimize-static.ts | 253 | function getExportConstComponentObjectKeys(node: RootContentMap['mdxjsEsm']) { |
| LOW | packages/integrations/mdx/src/rehype-optimize-static.ts | 296 | function simplifyPlainMdxComponentNode(node: Node, ignoreElementNames: Set<string>) { |
| LOW | packages/integrations/mdx/src/index.ts | 212 | function warnDeprecatedMdxPluginOptions( |
| LOW | packages/integrations/mdx/src/index.ts | 233 | function markdownConfigToMdxOptions( |
| LOW | packages/integrations/mdx/src/server.ts | 57 | function throwEnhancedErrorIfMdxComponent(error: Error, Component: any) { |
| LOW | …es/integrations/mdx/src/satteri/hast-astro-metadata.ts | 155 | export function createAstroMetadataPlugin( |
| LOW | …tegrations/mdx/src/satteri/hast-images-to-component.ts | 15 | export function createImageToComponentPlugin( |
| LOW | …es/integrations/svelte/src/optimize-esbuild-plugins.ts | 8 | export function createSvelteOptimizeEsbuildPlugins( |
| LOW | packages/integrations/vercel/src/index.ts | 793 | function createRoutesWithStaticHeaders( |
| LOW | packages/integrations/vercel/src/image/build-service.ts | 176 | function removeLeadingForwardSlash(path: string) { |
| 183 more matches not shown… | |||
| Severity | File | Line | Snippet |
|---|---|---|---|
| LOW | benchmark/make-project/_util.js | 2 | "Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standar |
| LOW | examples/blog/src/content/blog/first-post.md | 3 | description: 'Lorem ipsum dolor sit amet' |
| LOW | examples/blog/src/content/blog/first-post.md | 3 | description: 'Lorem ipsum dolor sit amet' |
| LOW | examples/blog/src/content/blog/first-post.md | 8 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq |
| LOW | examples/blog/src/content/blog/first-post.md | 8 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq |
| LOW | examples/blog/src/content/blog/second-post.md | 3 | description: 'Lorem ipsum dolor sit amet' |
| LOW | examples/blog/src/content/blog/second-post.md | 3 | description: 'Lorem ipsum dolor sit amet' |
| LOW | examples/blog/src/content/blog/second-post.md | 8 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq |
| LOW | examples/blog/src/content/blog/second-post.md | 8 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq |
| LOW | examples/blog/src/content/blog/third-post.md | 3 | description: 'Lorem ipsum dolor sit amet' |
| LOW | examples/blog/src/content/blog/third-post.md | 3 | description: 'Lorem ipsum dolor sit amet' |
| LOW | examples/blog/src/content/blog/third-post.md | 8 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq |
| LOW | examples/blog/src/content/blog/third-post.md | 8 | Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq |
| LOW | …es/portfolio/src/content/work/markdown-mystery-tour.md | 18 | Lorem ipsum dolor sit amet, <a href="https://astro.build/">Astro</a> makes people happy. Sed do eiusmod tempor incididun |
| LOW | …es/portfolio/src/content/work/markdown-mystery-tour.md | 18 | Lorem ipsum dolor sit amet, <a href="https://astro.build/">Astro</a> makes people happy. Sed do eiusmod tempor incididun |
| LOW | examples/portfolio/src/content/work/bloom-box.md | 15 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur posuere commodo venenatis. Pellentesque habitant morb |
| LOW | examples/portfolio/src/content/work/bloom-box.md | 15 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur posuere commodo venenatis. Pellentesque habitant morb |
| LOW | examples/portfolio/src/content/work/bloom-box.md | 21 | Mauris sed eros in ex maximus volutpat. Suspendisse potenti. Donec lacinia justo consectetur sagittis tempor. Proin ulla |
| LOW | examples/portfolio/src/content/work/bloom-box.md | 21 | Mauris sed eros in ex maximus volutpat. Suspendisse potenti. Donec lacinia justo consectetur sagittis tempor. Proin ulla |
| LOW | examples/portfolio/src/content/work/h20.md | 14 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur posuere commodo venenatis. Pellentesque habitant morb |
| LOW | examples/portfolio/src/content/work/h20.md | 14 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur posuere commodo venenatis. Pellentesque habitant morb |
| LOW | examples/portfolio/src/content/work/h20.md | 20 | Mauris sed eros in ex maximus volutpat. Suspendisse potenti. Donec lacinia justo consectetur sagittis tempor. Proin ulla |
| LOW | examples/portfolio/src/content/work/h20.md | 20 | Mauris sed eros in ex maximus volutpat. Suspendisse potenti. Donec lacinia justo consectetur sagittis tempor. Proin ulla |
| LOW | …ples/portfolio/src/content/work/nested/duvet-genius.md | 14 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur posuere commodo venenatis. Pellentesque habitant morb |
| LOW | …ples/portfolio/src/content/work/nested/duvet-genius.md | 14 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur posuere commodo venenatis. Pellentesque habitant morb |
| LOW | …ples/portfolio/src/content/work/nested/duvet-genius.md | 20 | Mauris sed eros in ex maximus volutpat. Suspendisse potenti. Donec lacinia justo consectetur sagittis tempor. Proin ulla |
| LOW | …ples/portfolio/src/content/work/nested/duvet-genius.md | 20 | Mauris sed eros in ex maximus volutpat. Suspendisse potenti. Donec lacinia justo consectetur sagittis tempor. Proin ulla |
| LOW | …es/astro/test/units/content-layer/live-loaders.test.ts | 349 | author: 'John Doe', |
| LOW | …s/astro/test/units/actions/form-data-to-object.test.ts | 432 | formData.set('contact.phone', '555-1234'); |
| LOW | …s/astro/test/units/actions/form-data-to-object.test.ts | 444 | assert.deepEqual(res.contact, { type: 'phone', phone: '555-1234' }); |
| LOW | packages/astro/performance/scripts/templates/simple.md | 7 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur interdum quam vitae est dapibus auctor. Class aptent |
| LOW | packages/astro/performance/scripts/templates/simple.md | 7 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur interdum quam vitae est dapibus auctor. Class aptent |
| LOW | packages/astro/performance/scripts/templates/simple.md | 19 | Fusce bibendum odio tellus, ac consequat magna fringilla nec. Donec sed purus at magna pulvinar iaculis ac at nulla. Cra |
| LOW | packages/astro/performance/scripts/templates/simple.md | 27 | Nullam eu nibh ipsum. Curabitur aliquet varius ante, a pretium mauris dictum in. Integer nibh arcu, tristique ac sagitti |
| LOW | packages/astro/performance/scripts/templates/simple.md | 27 | Nullam eu nibh ipsum. Curabitur aliquet varius ante, a pretium mauris dictum in. Integer nibh arcu, tristique ac sagitti |
| LOW | packages/astro/e2e/actions-blog.test.ts | 177 | await nameInput.fill('John Doe'); |
| LOW | packages/astro/e2e/actions-blog.test.ts | 186 | await expect(result).toContainText('John Doe'); |
| LOW | packages/astro/src/container/index.ts | 66 | * container.renderToString(Component, { slots: { "foo": "Some value", "bar": "Lorem Ipsum" }}); |
| Severity | File | Line | Snippet |
|---|---|---|---|
| LOW | pnpm-workspace.yaml | 21 | dedupePeers: true |
| LOW | packages/integrations/mdx/src/image-constants.ts | 1 | // Tag name we rewrite markdown-derived `<img>` elements to. Lowercase + hyphenated |
| LOW | packages/integrations/vercel/src/lib/searchRoot.ts | 1 | // Taken from: https://github.com/vitejs/vite/blob/1a76300cd16827f0640924fdc21747ce140c35fb/packages/vite/src/node/serve |
| LOW | packages/integrations/cloudflare/src/index.ts | 201 | }, |
| LOW | packages/integrations/cloudflare/src/index.ts | 221 | } |
| LOW | packages/integrations/solid/src/server.ts | 81 | // This render mode is not exposed directly to the end user. It is only |
| LOW | …ons/markdoc/src/html/transform/html-token-transform.ts | 161 | // [ |
| LOW | …ages/astro/test/head-propagation-prerender-env.test.ts | 1 | import assert from 'node:assert/strict'; |
| LOW | packages/astro/test/lightningcss-scoped-nesting.test.ts | 1 | import assert from 'node:assert/strict'; |
| LOW | …o/test/units/util/validate-and-decode-pathname.test.ts | 101 | // These are indistinguishable at the URL level. Rejecting is the secure |
| LOW | …o/test/units/util/validate-and-decode-pathname.test.ts | 121 | assert.throws( |
| LOW | …ckages/astro/test/units/redirects/static-build.test.ts | 401 | assert.ok(!location.includes('https://example.com'), 'should not use absolute URL'); |
| LOW | packages/astro/components/env.d.ts | 1 | /// <reference path="../client.d.ts" /> |
| LOW | packages/astro/components/index.ts | 1 | // The `ts-ignore` comments here are necessary because we're importing this file inside the `astro:components` |
| LOW | packages/astro/src/core/create-vite.ts | 301 | // Merge configs: we merge vite configuration objects together in the following order, |
| LOW | packages/astro/src/core/config/schemas/base.ts | 21 | import { CacheSchema, RouteRulesSchema } from '../../cache/config.js'; |
| LOW | packages/astro/src/core/dev/container.ts | 61 | // expected behavior: spawn a new tab |
| LOW | packages/astro/src/core/session/runtime.ts | 41 | // The cookie name |
| LOW | packages/astro/src/vite-plugin-astro-server/vite.ts | 41 | } |
| LOW | packages/astro/src/content/mutable-data-store.ts | 21 | #assetsFile?: PathLike; |
| LOW | packages/astro/src/cli/add/index.ts | 521 | } |
| LOW | packages/astro/src/transitions/router.ts | 521 | hasUAVisualTransition ? 'swap' : getFallback(), |
| LOW | .github/workflows/issue-wontfix.yml | 1 | # Action taken down due to https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tag |
| LOW | .github/workflows/issue-wontfix.yml | 21 | # Hello! |
| LOW | .github/workflows/issue-needs-repro.yml | 1 | # Action taken down due to https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tag |
| LOW | .github/workflows/issue-needs-repro.yml | 21 | # issue-number: ${{ github.event.issue.number }} |
| Severity | File | Line | Snippet |
|---|---|---|---|
| LOW | .flue/workflows/merge-resolve/WORKFLOW.ts | 30 | // Step 1: Resolve all merge conflicts (source code, JSON, YAML, etc.) |
| LOW | .flue/workflows/merge-resolve/WORKFLOW.ts | 46 | // Step 2: Remove stale changesets that were already released on main |
| LOW | .flue/workflows/merge-resolve/WORKFLOW.ts | 58 | // Step 3: Regenerate the lockfile |
| LOW | .flue/workflows/merge-resolve/WORKFLOW.ts | 75 | // Step 4: Commit and push |
| LOW | packages/integrations/react/src/static-html.ts | 19 | // value can be a SlotString object, we need to check if it's empty by using trim() |
| LOW | …ckages/astro/test/units/i18n/manual-middleware.test.ts | 203 | // Step 1: Check allowlist |
| LOW | …ckages/astro/test/units/i18n/manual-middleware.test.ts | 208 | // Step 2: Check if has locale |
| LOW | …ckages/astro/test/units/i18n/manual-middleware.test.ts | 213 | // Step 3: Check if root or special path |
| LOW | …ckages/astro/test/units/i18n/manual-middleware.test.ts | 218 | // Step 4: Return 404 |
| LOW | packages/astro/src/core/create-vite.ts | 312 | // We need to check if the command is `build` or `dev` before merging the user-provided vite config. |
| LOW | packages/astro/src/core/i18n/handler.ts | 92 | // Step 1: Apply routing strategy |
| LOW | packages/astro/src/core/i18n/handler.ts | 135 | // Step 2: Apply fallback logic (if configured) |
| Severity | File | Line | Snippet |
|---|---|---|---|
| HIGH | …kages/astro/src/runtime/server/render/queue/builder.ts | 63 | // Stop on first error as requested |
| HIGH | …ages/astro/src/runtime/server/render/queue/renderer.ts | 64 | // Stop on first error as requested |
| Severity | File | Line | Snippet |
|---|---|---|---|
| MEDIUM | …nguage-tools/vscode/syntaxes/astro.tmLanguage.src.yaml | 201 | # ------------ |
| MEDIUM | …nguage-tools/vscode/syntaxes/astro.tmLanguage.src.yaml | 241 | # ---------- |
| MEDIUM | …nguage-tools/vscode/syntaxes/astro.tmLanguage.src.yaml | 304 | # ------------ |
| MEDIUM | packages/astro/src/core/cache/runtime/cache.ts | 132 | // ─── Framework-internal helpers (not exported from the `astro` package) ───── |
| Severity | File | Line | Snippet |
|---|---|---|---|
| MEDIUM | …nguage-tools/vscode/syntaxes/astro.tmLanguage.src.yaml | 541 | # inside and because it makes whitespace matching logic more robust |
| MEDIUM | packages/astro/src/core/create-vite.ts | 125 | // Attempt: package relies on `astro`. ✅ Definitely an Astro package |
| Severity | File | Line | Snippet |
|---|---|---|---|
| LOW | .gitpod/gitpod-setup.sh | 12 | # Check if Gitpod started from a specific example directory in the repository |
| LOW | .github/workflows/merge-main-to-next.yml | 181 | # Check if a PR already exists for this branch |
| Severity | File | Line | Snippet |
|---|---|---|---|
| LOW | .github/workflows/ci.yml | 48 | # When updating filters here, make sure to also add or remove them from the outputs block above. |