Skip to content
This repository was archived by the owner on May 14, 2024. It is now read-only.

Finalize the website #50

Merged
merged 9 commits into from
Apr 3, 2024
Merged

Finalize the website #50

merged 9 commits into from
Apr 3, 2024

Conversation

cherriae
Copy link
Member

@cherriae cherriae commented Mar 29, 2024

- Contact
- FAQ dedicated page

  • Images for about page

- Contact
- FAQ dedicated page
- Images for about page
Copy link

vercel bot commented Mar 29, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
web-new ✅ Ready (Inspect) Visit Preview Apr 3, 2024 9:20pm

@cherriae cherriae marked this pull request as draft March 29, 2024 02:41
Copy link

github-actions bot commented Mar 29, 2024

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 4 package(s) with unknown licenses.
  • ⚠️ 1 packages with OpenSSF Scorecard issues.
See the Details below.

License Issues

package-lock.json

PackageVersionLicenseIssue Type
@types/node20.12.3NullUnknown License
@types/react18.2.74NullUnknown License

package.json

PackageVersionLicenseIssue Type
@types/node20.12.3NullUnknown License
@types/react18.2.74NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@monogrid/gainmap-js 3.0.5 UnknownUnknown
npm/@react-three/drei 9.105.1 🟢 4.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6found 10 unreviewed changesets out of 30 -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
npm/@react-three/fiber 8.16.1 🟢 3.7
Details
CheckScoreReason
Code-Review🟢 3found 21 unreviewed changesets out of 30 -- score normalized to 3
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 019 existing vulnerabilities detected
npm/@types/node 20.12.3 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react 18.2.74 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react-dom 18.2.23 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/embla-carousel 8.0.1 UnknownUnknown
npm/embla-carousel-react 8.0.1 UnknownUnknown
npm/embla-carousel-reactive-utils 8.0.1 UnknownUnknown
npm/framer-motion 11.0.24 🟢 3.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 2found 16 unreviewed changesets out of 20 -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 037 existing vulnerabilities detected
npm/hls.js 1.3.5 🟢 5.6
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0found 1 unreviewed changesets out of 1 -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
Vulnerabilities🟢 46 existing vulnerabilities detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
npm/immediate 3.0.6 ⚠️ 1.9
Details
CheckScoreReason
Code-Review⚠️ 1found 20 unreviewed changesets out of 24 -- score normalized to 1
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ -1no dependencies found
Token-Permissions⚠️ -1No tokens found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 017 existing vulnerabilities detected
npm/is-promise 2.2.2 🟢 5
Details
CheckScoreReason
Code-Review🟢 3found 20 unreviewed changesets out of 30 -- score normalized to 3
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ -1no dependencies found
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/lie 3.3.0 🟢 3.3
Details
CheckScoreReason
Code-Review⚠️ 2found 16 unreviewed changesets out of 21 -- score normalized to 2
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow⚠️ -1no workflows found
Pinned-Dependencies⚠️ -1no dependencies found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/promise-worker-transferable 1.0.4 🟢 3
Details
CheckScoreReason
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review⚠️ 0found 30 unreviewed changesets out of 30 -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0no SAST tool detected
Pinned-Dependencies⚠️ -1no dependencies found
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ -1No tokens found
Dangerous-Workflow⚠️ -1no workflows found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
npm/tailwindcss 3.4.3 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 9found 2 unreviewed changesets out of 30 -- score normalized to 9
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/three 0.163.0 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 3found 19 unreviewed changesets out of 29 -- score normalized to 3
Maintained🟢 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 5binaries present in source code
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 10all dependencies are pinned
Vulnerabilities🟢 91 existing vulnerabilities detected
npm/@react-three/drei 9.102.6 🟢 4.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6found 10 unreviewed changesets out of 30 -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
npm/@react-three/fiber 8.16.0 🟢 3.7
Details
CheckScoreReason
Code-Review🟢 3found 21 unreviewed changesets out of 30 -- score normalized to 3
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 019 existing vulnerabilities detected
npm/@types/node 20.11.30 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react 18.2.73 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react-dom 18.2.22 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/embla-carousel 8.0.0 UnknownUnknown
npm/embla-carousel-react 8.0.0 UnknownUnknown
npm/embla-carousel-reactive-utils 8.0.0 UnknownUnknown
npm/framer-motion 11.0.22 🟢 3.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 2found 16 unreviewed changesets out of 20 -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 037 existing vulnerabilities detected
npm/tailwindcss 3.4.2 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 9found 2 unreviewed changesets out of 30 -- score normalized to 9
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/three 0.162.0 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 3found 19 unreviewed changesets out of 29 -- score normalized to 3
Maintained🟢 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 5binaries present in source code
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 10all dependencies are pinned
Vulnerabilities🟢 91 existing vulnerabilities detected
npm/@react-three/drei ^9.105.1 🟢 4.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6found 10 unreviewed changesets out of 30 -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
npm/@react-three/fiber ^8.16.1 🟢 3.7
Details
CheckScoreReason
Code-Review🟢 3found 21 unreviewed changesets out of 30 -- score normalized to 3
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 019 existing vulnerabilities detected
npm/@types/node 20.12.3 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react 18.2.74 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react-dom 18.2.23 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/embla-carousel-react ^8.0.1 UnknownUnknown
npm/framer-motion ^11.0.24 🟢 3.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 2found 16 unreviewed changesets out of 20 -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 037 existing vulnerabilities detected
npm/tailwindcss 3.4.3 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 9found 2 unreviewed changesets out of 30 -- score normalized to 9
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/three ^0.163.0 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 3found 19 unreviewed changesets out of 29 -- score normalized to 3
Maintained🟢 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 5binaries present in source code
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 10all dependencies are pinned
Vulnerabilities🟢 91 existing vulnerabilities detected
npm/@react-three/drei ^9.102.6 🟢 4.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6found 10 unreviewed changesets out of 30 -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
npm/@react-three/fiber ^8.16.0 🟢 3.7
Details
CheckScoreReason
Code-Review🟢 3found 21 unreviewed changesets out of 30 -- score normalized to 3
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 019 existing vulnerabilities detected
npm/@types/node 20.11.30 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react 18.2.73 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/@types/react-dom 18.2.22 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 8found 4 unreviewed changesets out of 28 -- score normalized to 8
Maintained🟢 1030 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/embla-carousel-react ^8.0.0 UnknownUnknown
npm/framer-motion ^11.0.22 🟢 3.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 2found 16 unreviewed changesets out of 20 -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ -1No tokens found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 037 existing vulnerabilities detected
npm/tailwindcss 3.4.2 🟢 6.8
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 9found 2 unreviewed changesets out of 30 -- score normalized to 9
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 82 existing vulnerabilities detected
npm/three ^0.162.0 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 3found 19 unreviewed changesets out of 29 -- score normalized to 3
Maintained🟢 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 5binaries present in source code
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 10all dependencies are pinned
Vulnerabilities🟢 91 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json
package.json

@cherriae cherriae added enhancement New feature or request help wanted Extra attention is needed labels Mar 30, 2024
@cherriae cherriae self-assigned this Mar 30, 2024
@cherriae
Copy link
Member Author

No need to worry about deployment errors from vercel right now because due to NextuiProvider it requires the children attribute. When I run npm run dev on my local computer it compiles an error of param is null. This isn't a problem with my code so when deploying for production I'll fix the error.

@cherriae cherriae linked an issue Mar 30, 2024 that may be closed by this pull request
- Add more links to the website
- Start FAQ page
- Finalize the Donate page
- Added more Icons
- Make post on blog on how to donate
@cherriae
Copy link
Member Author

cherriae commented Apr 2, 2024

Waiting for media team to answer the FAQ questions

@cherriae cherriae marked this pull request as ready for review April 3, 2024 21:22
@cherriae
Copy link
Member Author

cherriae commented Apr 3, 2024

Finished everything except FAQ (waiting for media team)

@cherriae cherriae merged commit 3ed9306 into main Apr 3, 2024
4 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Param is null when running dev
1 participant