fix dev

[aamoghS]

No description provided.

[github-actions]

Dependency Review

The following issues were found:

• ❌ 6 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

Vulnerabilities

pnpm-lock.yaml

Name	Version	Vulnerability	Severity
sanitize-html	2.17.2	Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`	critical
next	16.2.4	Next.js Vulnerable to Denial of Service with Server Components	high
		Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes	high
		Next.js has a Middleware / Proxy bypass through dynamic route parameter injection	high
		Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades	high
		Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up	high

packages/api/package.json

Name	Version	Vulnerability	Severity
sanitize-html	2.17.2	Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`	critical

sites/hacklytics2027/package.json

Name	Version	Vulnerability	Severity
next	16.2.4	Next.js Vulnerable to Denial of Service with Server Components	high
		Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes	high
		Next.js has a Middleware / Proxy bypass through dynamic route parameter injection	high
		Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades	high
		Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up	high

sites/mainweb/package.json

Name	Version	Vulnerability	Severity
next	16.2.4	Next.js Vulnerable to Denial of Service with Server Components	high
		Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes	high
		Next.js has a Middleware / Proxy bypass through dynamic route parameter injection	high
		Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades	high
		Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up	high

tooling/tailwind/package.json

Name	Version	Vulnerability	Severity
next	16.2.4	Next.js Vulnerable to Denial of Service with Server Components	high
		Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes	high
		Next.js has a Middleware / Proxy bypass through dynamic route parameter injection	high
		Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades	high
		Next.js vulnerable to Denial of Service via connection exhaustion in applications using Cache Components	high
		Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up	high

Only included vulnerabilities with severity high or higher.

License Issues

sites/mainweb/package.json

Package	Version	License	Issue Type
sanitize-html	^2.17.2	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/sanitize-html	2.17.2	🟢 6	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License ⚠️ 0 license file not detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 9 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9
npm/next	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/env	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-darwin-arm64	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-darwin-x64	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-linux-arm64-gnu	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-linux-arm64-musl	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-linux-x64-gnu	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-linux-x64-musl	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-win32-arm64-msvc	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@next/swc-win32-x64-msvc	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/sanitize-html	2.17.2	🟢 6	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License ⚠️ 0 license file not detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 9 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9
npm/next	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/next	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/sanitize-html	^2.17.2	Unknown	Unknown
npm/next	16.2.4	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• packages/api/package.json
• pnpm-lock.yaml
• sites/hacklytics2027/package.json
• sites/mainweb/package.json
• tooling/tailwind/package.json

[github-actions]

Visit the preview URL for this PR (updated for commit 7f72b96):

https://hacklytics2027--pr268-main-17vt0plf.web.app

_{(expires Sat, 23 May 2026 04:57:24 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: c48ba34db61581e25fe2978355160b5eefe0e83f}