github-actions[bot]
Contributor

Images automagically compressed by Calibre's image-actions

Compression reduced images by 46.3%, saving 115.5 KB.

| Filename | Before | After | Improvement |
|---|---|---|---|
| images/opengraph-card.png | 55.3 KB | 17.0 KB | 69.2% |
| traffic/plots.png | 42.7 KB | 11.5 KB | 73.0% |
| images/banner.png | 93.7 KB | 71.1 KB | 24.1% |
| docs/assets/icons/icons8-attach-64.png | 2.3 KB | 1.2 KB | 45.6% |
| docs/assets/images/icons/icons8-attach-64.png | 2.3 KB | 1.2 KB | 45.6% |
| docs/assets/icons/icons8-help-64.png | 2.8 KB | 1.7 KB | 37.3% |
| docs/assets/images/icons/icons8-help-64.png | 2.8 KB | 1.7 KB | 37.3% |
| docs/assets/icons/icons8-inspector-64.png | 2.2 KB | 1.3 KB | 41.0% |
| docs/assets/images/icons/icons8-inspector-64.png | 2.2 KB | 1.3 KB | 41.0% |
| docs/assets/icons/icons8-inspect-code-64.png | 2.3 KB | 1.6 KB | 32.1% |
| docs/assets/images/icons/icons8-inspect-code-64.png | 2.3 KB | 1.6 KB | 32.1% |
| docs/assets/icons/icons8-source-64.png | 1.5 KB | 826 B | 44.4% |
| docs/assets/images/icons/icons8-source-64.png | 1.5 KB | 826 B | 44.4% |
| docs/assets/icons/icons8-code-64.png | 1.4 KB | 789 B | 45.0% |
| docs/assets/images/icons/icons8-code-64.png | 1.4 KB | 789 B | 45.0% |
| docs/assets/icons/icons8-template-64.png | 1.1 KB | 532 B | 53.6% |
| docs/assets/images/icons/icons8-template-64.png | 1.1 KB | 532 B | 53.6% |
| docs/assets/icons/icons8-bug-64.png | 1.5 KB | 968 B | 38.2% |
| docs/assets/images/icons/icons8-bug-64.png | 1.5 KB | 968 B | 38.2% |
| docs/assets/icons/icons8-module-64.png | 1.6 KB | 1.0 KB | 35.2% |
| docs/assets/images/icons/icons8-module-64.png | 1.6 KB | 1.0 KB | 35.2% |
| docs/assets/icons/icons8-remove-property-64.png | 1.3 KB | 763 B | 42.0% |
| docs/assets/images/icons/icons8-remove-property-64.png | 1.3 KB | 763 B | 42.0% |
| docs/assets/icons/icons8-fork-64.png | 1.3 KB | 819 B | 39.1% |
| docs/assets/images/icons/icons8-fork-64.png | 1.3 KB | 819 B | 39.1% |
| docs/assets/icons/icons8-list-64.png | 1.1 KB | 623 B | 45.1% |
| docs/assets/images/icons/icons8-list-64.png | 1.1 KB | 623 B | 45.1% |
| docs/assets/icons/icons8-program-64.png | 1.1 KB | 679 B | 42.1% |
| docs/assets/images/icons/icons8-program-64.png | 1.1 KB | 679 B | 42.1% |
| docs/assets/icons/icons8-add-property-64.png | 1.2 KB | 709 B | 40.4% |
| docs/assets/images/icons/icons8-add-property-64.png | 1.2 KB | 709 B | 40.4% |
| docs/assets/icons/icons8-sys-info-64.png | 1.0 KB | 552 B | 46.5% |
| docs/assets/images/icons/icons8-sys-info-64.png | 1.0 KB | 552 B | 46.5% |
| docs/assets/icons/icons8-edit-property-64.png | 1.1 KB | 629 B | 42.1% |
| docs/assets/images/icons/icons8-edit-property-64.png | 1.1 KB | 629 B | 42.1% |
| docs/assets/icons/icons8-true-false-64.png | 938 B | 545 B | 41.9% |
| docs/assets/images/icons/icons8-true-false-64.png | 938 B | 545 B | 41.9% |
| docs/assets/icons/icons8-report-64.png | 911 B | 595 B | 34.7% |
| docs/assets/images/icons/icons8-report-64.png | 911 B | 595 B | 34.7% |
| docs/assets/icons/icons8-editor-64.png | 846 B | 538 B | 36.4% |
| docs/assets/images/icons/icons8-editor-64.png | 846 B | 538 B | 36.4% |
| docs/assets/icons/icons8-plugin-64.png | 682 B | 398 B | 41.6% |
| docs/assets/images/icons/icons8-plugin-64.png | 682 B | 398 B | 41.6% |
| docs/assets/icons/icons8-plan-64.png | 597 B | 375 B | 37.2% |
| docs/assets/images/icons/icons8-plan-64.png | 597 B | 375 B | 37.2% |
| images/icon.png | 506 B | 405 B | 20.0% |

@auto-assign auto-assign bot requested a review from AlexRogalskiy September 21, 2025 23:09
socket-security bot commented Sep 21, 2025

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action / Severity / Alert
Warn Critical
[email protected] has a Critical CVE.

CVE: GHSA-cf4h-3jhx-xvhq Arbitrary Code Execution in underscore (CRITICAL)

Affected versions: >= 1.3.2 < 1.12.1

Patched version: 1.12.1

From: ?npm/[email protected]npm/[email protected]

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Critical
[email protected] has a Critical CVE.

CVE: GHSA-cchq-frgv-rjh5 vm2 Sandbox Escape vulnerability (CRITICAL)

Affected versions: <= 3.9.19

Patched version: No patched versions

From: ?npm/[email protected]npm/[email protected]

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Critical
[email protected] has a Critical CVE.

CVE: GHSA-g644-9gfx-q4q4 vm2 Sandbox Escape vulnerability (CRITICAL)

Affected versions: <= 3.9.19

Patched version: No patched versions

From: ?npm/[email protected]npm/[email protected]

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
[email protected] has Obfuscated code.

Confidence: 0.94

Location: Package overview

From: ?npm/[email protected]npm/[email protected]npm/[email protected]

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Contributor Author

Images automagically compressed by Calibre's image-actions

Compression reduced images by 16.5%, saving 2.1 KB.

| Filename | Before | After | Improvement |
|---|---|---|---|
| docs/assets/icons/icons8-help-64.png | 1.7 KB | 1.4 KB | 20.2% |
| docs/assets/icons/icons8-inspect-code-64.png | 1.6 KB | 1.3 KB | 19.1% |
| docs/assets/icons/icons8-attach-64.png | 1.2 KB | 993 B | 21.6% |
| docs/assets/icons/icons8-module-64.png | 1.0 KB | 819 B | 22.1% |
| docs/assets/icons/icons8-inspector-64.png | 1.3 KB | 1.1 KB | 16.7% |
| docs/assets/icons/icons8-bug-64.png | 968 B | 840 B | 13.2% |
| docs/assets/icons/icons8-add-property-64.png | 709 B | 584 B | 17.6% |
| docs/assets/icons/icons8-fork-64.png | 819 B | 695 B | 15.1% |
| docs/assets/icons/icons8-edit-property-64.png | 629 B | 553 B | 12.1% |
| docs/assets/icons/icons8-code-64.png | 789 B | 719 B | 8.9% |
| docs/assets/icons/icons8-list-64.png | 623 B | 559 B | 10.3% |
| docs/assets/icons/icons8-editor-64.png | 538 B | 485 B | 9.9% |
| docs/assets/icons/icons8-plan-64.png | 375 B | 329 B | 12.3% |
| docs/assets/icons/icons8-plugin-64.png | 398 B | 357 B | 10.3% |

@github-actions github-actions bot left a comment

Scan Summary

| Tool | Critical | High | Medium | Low | Status |
|---|---|---|---|---|---|
| Python Source Analyzer | 0 | 0 | 0 | 0 | |
| Shell Script Analysis | 0 | 0 | 0 | 0 | |
| Security Audit for Infrastructure | 14 | 92 | 8 | 29 | |

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍
