feat: Comprehensive Package Restructure and Protocol Implementation by 24601 · Pull Request #3 · 24601/canopy

Check warning on line 95 in .github/workflows/benchmarks.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 160 in .github/workflows/benchmarks.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 217 in .github/workflows/benchmarks.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 269 in .github/workflows/benchmarks.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Check warning on line 52 in .github/workflows/ci.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 79 in .github/workflows/ci.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 125 in .github/workflows/ci.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 197 in .github/workflows/ci.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 236 in .github/workflows/ci.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 264 in .github/workflows/ci.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 29 in .github/workflows/pre-commit.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check warning on line 78 in .github/workflows/test.yml

Code scanning / CodeQL

Workflow does not contain permissions Medium test

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Check failure on line 370 in canopy/mcp_server.py

Code scanning / CodeQL

Bad HTML filtering regexp High

This regular expression does not match script end tags like </script >.

Check warning on line 292 in canopy_core/api_server.py

Code scanning / CodeQL

Information exposure through an exception Medium

flows to this location and may be exposed to an external user.

Check warning on line 361 in canopy_core/api_server.py

Code scanning / CodeQL

Information exposure through an exception Medium

flows to this location and may be exposed to an external user.

Check warning on line 578 in canopy_core/api_server.py

Code scanning / CodeQL

Information exposure through an exception Medium

flows to this location and may be exposed to an external user.

Check failure on line 35 in canopy_core/config.py

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

.
This path depends on a

.

Check failure on line 39 in canopy_core/config.py

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

.
This path depends on a

.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Comprehensive Package Restructure and Protocol Implementation#3

feat: Comprehensive Package Restructure and Protocol Implementation#3
24601 wants to merge 13 commits into
mainfrom
feat/mcp-a2a-implementation

Uh oh!

18 new alerts including 3 high severity security vulnerabilities

New alerts in code changed by this pull request

Annotations

Re-running checks...

fix: Major CI/CD fixes for PR #3

Uh oh!

18 new alerts including 3 high severity security vulnerabilities

New alerts in code changed by this pull request

Annotations

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Re-running checks...