Staging

[sankartn]

No description provided.

[shopify]

Oxygen deployed a preview of your staging branch. Details:

Storefront	Status	Preview link	Deployment details	Last update (UTC)
Hydrogen Contentstack Demo	✅ Successful (Logs)	Preview deployment	Inspect deployment	April 3, 2026 1:05 PM
Hydrogen Contentstack Demo 01	✅ Successful (Logs)	Preview deployment	Inspect deployment	April 3, 2026 1:05 PM
hydrogen-contentstack-demo	✅ Successful (Logs)	Preview deployment	Inspect deployment	April 3, 2026 1:05 PM

Learn more about Hydrogen's GitHub integration.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	11	17	25	✅ Passed
🟡 Medium Severity	25	17	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	3	0	30 / 120 days	❌ Failed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 3 issue(s) that have exceeded the 30-day SLA threshold:

1. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15309438
   • Package: minimatch@9.0.5
   • Published: 43 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-26996

2. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15353387
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27904

3. Inefficient Algorithmic Complexity

   • ID: SNYK-JS-MINIMATCH-15353389
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27903

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 17
• Medium without fixes: 17
• Low without fixes: 0

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	11	17	25	✅ Passed
🟡 Medium Severity	25	17	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	3	0	30 / 120 days	❌ Failed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 3 issue(s) that have exceeded the 30-day SLA threshold:

1. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15309438
   • Package: minimatch@9.0.5
   • Published: 43 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-26996

2. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15353387
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27904

3. Inefficient Algorithmic Complexity

   • ID: SNYK-JS-MINIMATCH-15353389
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27903

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 17
• Medium without fixes: 17
• Low without fixes: 0

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	11	17	25	✅ Passed
🟡 Medium Severity	25	17	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	3	0	30 / 120 days	❌ Failed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 3 issue(s) that have exceeded the 30-day SLA threshold:

1. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15309438
   • Package: minimatch@9.0.5
   • Published: 43 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-26996

2. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15353387
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27904

3. Inefficient Algorithmic Complexity

   • ID: SNYK-JS-MINIMATCH-15353389
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27903

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 17
• Medium without fixes: 17
• Low without fixes: 0

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	11	17	25	✅ Passed
🟡 Medium Severity	25	17	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	3	0	30 / 120 days	❌ Failed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

🟠 High Severity - SLA Breached Issues (with fixes)

Showing 3 issue(s) that have exceeded the 30-day SLA threshold:

1. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15309438
   • Package: minimatch@9.0.5
   • Published: 43 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-26996

2. Regular Expression Denial of Service (ReDoS)

   • ID: SNYK-JS-MINIMATCH-15353387
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27904

3. Inefficient Algorithmic Complexity

   • ID: SNYK-JS-MINIMATCH-15353389
   • Package: minimatch@9.0.5
   • Published: 36 days ago (SLA: 30 days)
   • CVSS Score: 8.7
   • CVE: CVE-2026-27903

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

• Critical without fixes: 0
• High without fixes: 17
• Medium without fixes: 17
• Low without fixes: 0

❌ BUILD FAILED - Security checks failed

Please review and fix the security vulnerabilities before merging.

[github-actions]

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type	Count (with fixes)	Without fixes	Threshold	Result
🔴 Critical Severity	0	0	10	✅ Passed
🟠 High Severity	0	0	25	✅ Passed
🟡 Medium Severity	0	0	500	✅ Passed
🔵 Low Severity	0	0	1000	✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity	Breaches (with fixes)	Breaches (no fixes)	SLA Threshold (with/no fixes)	Status
🔴 Critical	0	0	15 / 30 days	✅ Passed
🟠 High	0	0	30 / 120 days	✅ Passed
🟡 Medium	0	0	90 / 365 days	✅ Passed
🔵 Low	0	0	180 / 365 days	✅ Passed

✅ BUILD PASSED - All security checks passed