From 1a455702c875a02c4727e585035ae5c7659632f6 Mon Sep 17 00:00:00 2001 From: stacksharebot Date: Thu, 4 Jul 2024 14:39:24 +0000 Subject: [PATCH 1/2] Create techstack.yml --- techstack.yml | 162 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 162 insertions(+) create mode 100644 techstack.yml diff --git a/techstack.yml b/techstack.yml new file mode 100644 index 0000000000000..2c634dbdb4545 --- /dev/null +++ b/techstack.yml @@ -0,0 +1,162 @@ +repo_name: Fajar1901/fastapi +report_id: 2fada38d176e761676b0123f6798684b +version: 0.1 +repo_type: Public +timestamp: '2024-07-04T14:39:23+00:00' +requested_by: invalid-email-address +provider: github +branch: master +detected_tools_count: 9 +tools: +- name: CSS 3 + description: The latest evolution of the Cascading Style Sheets language + website_url: https://developer.mozilla.org/en-US/docs/Web/CSS/CSS3 + open_source: true + hosted_saas: false + category: Languages & Frameworks + sub_category: Languages + image_url: https://img.stackshare.io/service/6727/css.png + detection_source_url: https://github.com/Fajar1901/fastapi + detection_source: Repo Metadata +- name: Python + description: A clear and powerful object-oriented programming language, comparable + to Perl, Ruby, Scheme, or Java. + website_url: https://www.python.org + open_source: true + hosted_saas: false + category: Languages & Frameworks + sub_category: Languages + image_url: https://img.stackshare.io/service/993/pUBY5pVj.png + detection_source_url: https://github.com/Fajar1901/fastapi + detection_source: Repo Metadata +- name: Docker + description: Enterprise Container Platform for High-Velocity Innovation. + website_url: https://www.docker.com/ + license: Apache-2.0 + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Virtual Machine Platforms & Containers + image_url: https://img.stackshare.io/service/586/n4u37v9t_400x400.png + detection_source_url: https://github.com/Fajar1901/fastapi/blob/master/.github/actions/comment-docs-preview-in-pr/Dockerfile + detection_source: ".github/actions/comment-docs-preview-in-pr/Dockerfile" + last_updated_by: Sebastián Ramírez + last_updated_on: 2020-10-25 17:54:36.000000000 Z +- name: Git + description: Fast, scalable, distributed revision control system + website_url: http://git-scm.com/ + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Version Control System + image_url: https://img.stackshare.io/service/1046/git.png + detection_source_url: https://github.com/Fajar1901/fastapi + detection_source: Repo Metadata +- name: GitHub Actions + description: Automate your workflow from idea to production + website_url: https://github.com/features/actions + open_source: false + hosted_saas: true + category: Build, Test, Deploy + sub_category: Continuous Integration + image_url: https://img.stackshare.io/service/11563/actions.png + detection_source_url: https://github.com/Fajar1901/fastapi/blob/master/.github/workflows/build-docs.yml + detection_source: ".github/workflows/build-docs.yml" + last_updated_by: dependabot[bot] + last_updated_on: 2022-10-31 17:37:23.000000000 Z +- name: PyPI + description: A repository of software for the Python programming language + website_url: https://pypi.org/ + open_source: false + hosted_saas: false + category: Build, Test, Deploy + sub_category: Hosted Package Repository + image_url: https://img.stackshare.io/service/12572/-RIWgodF_400x400.jpg + detection_source_url: https://github.com/Fajar1901/fastapi/blob/master/pyproject.toml + detection_source: pyproject.toml + last_updated_by: Sebastián Ramírez + last_updated_on: 2018-12-08 07:57:18.000000000 Z +- name: Shell + description: A shell is a text-based terminal, used for manipulating programs and + files. Shell scripts typically manage program execution. + website_url: https://en.wikipedia.org/wiki/Shell_script + open_source: false + hosted_saas: false + category: Languages & Frameworks + sub_category: Languages + image_url: https://img.stackshare.io/service/4631/default_c2062d40130562bdc836c13dbca02d318205a962.png + detection_source_url: https://github.com/Fajar1901/fastapi + detection_source: Repo Metadata +- name: starlette + description: The little ASGI library that shines + package_url: https://pypi.org/project/starlette + version: 0.21.0 + license: BSD-3-Clause + open_source: true + hosted_saas: false + category: Libraries + sub_category: PyPI Packages + image_url: https://img.stackshare.io/package/20295/default_640b00772a7025571fa2ac02de971e76f9662aa9.png + detection_source_url: https://github.com/Fajar1901/fastapi/blob/master/pyproject.toml + detection_source: pyproject.toml + last_updated_by: Sebastián Ramírez + last_updated_on: 2022-11-13 18:19:04.000000000 Z + vulnerabilities: + - name: python-multipart vulnerable to Content-Type Header ReDoS + cve_id: CVE-2024-24762 + cve_url: https://github.com/advisories/GHSA-2jv5-9r88-3w3p + detected_date: Feb 17 + severity: high + first_patched: 0.36.2 + - name: 'Duplicate Advisory: Starlette Content-Type Header ReDoS' + cve_id: + cve_url: https://github.com/advisories/GHSA-93gm-qmq6-w238 + detected_date: Feb 6 + severity: high + first_patched: 0.36.2 + - name: 'Duplicate Advisory: Starlette vulnerable to directory traversal' + cve_id: + cve_url: https://github.com/advisories/GHSA-qj8w-rv5x-2v9h + detected_date: Jun 6 + severity: high + first_patched: 0.27.0 + - name: Starlette allows an unauthenticated and remote attacker to specify any number + of form fields or files + cve_id: CVE-2023-30798 + cve_url: https://github.com/advisories/GHSA-3qj8-93xh-pwh2 + detected_date: Apr 22 + severity: high + first_patched: 0.25.0 + - name: MultipartParser denial of service with too many fields or files + cve_id: + cve_url: https://github.com/advisories/GHSA-74m5-2c7w-9w3x + detected_date: Feb 15 + severity: moderate + first_patched: 0.25.0 + - name: Starlette has Path Traversal vulnerability in StaticFiles + cve_id: CVE-2023-29159 + cve_url: https://github.com/advisories/GHSA-v5gw-mw7f-84px + detected_date: May 17 + severity: low + first_patched: 0.27.0 +- name: pydantic + description: Data validation and settings management using python 3.6 type hinting + package_url: https://pypi.org/project/pydantic + version: 1.6.2 + license: MIT + open_source: true + hosted_saas: false + category: Libraries + sub_category: PyPI Packages + image_url: https://img.stackshare.io/package/20022/default_b0d1a54f127d7017fce41c15f5e85568fb7019ed.png + detection_source_url: https://github.com/Fajar1901/fastapi/blob/master/pyproject.toml + detection_source: pyproject.toml + last_updated_by: Sebastián Ramírez + last_updated_on: 2022-11-13 18:19:04.000000000 Z + vulnerabilities: + - name: Pydantic regular expression denial of service + cve_id: CVE-2024-3772 + cve_url: https://github.com/advisories/GHSA-mr82-8j83-vxmv + detected_date: Apr 25 + severity: moderate + first_patched: 1.10.13 From 36be32c103143cfd613438cebe31a59cad974058 Mon Sep 17 00:00:00 2001 From: stacksharebot Date: Thu, 4 Jul 2024 14:39:25 +0000 Subject: [PATCH 2/2] Create techstack.md --- techstack.md | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 techstack.md diff --git a/techstack.md b/techstack.md new file mode 100644 index 0000000000000..71543a78b2c4e --- /dev/null +++ b/techstack.md @@ -0,0 +1,121 @@ + +
+ +# Tech Stack File +![](https://img.stackshare.io/repo.svg "repo") [Fajar1901/fastapi](https://github.com/Fajar1901/fastapi)![](https://img.stackshare.io/public_badge.svg "public") +

+|9
Tools used|07/04/24
Report generated| +|------|------| +
+ +## Languages (2) + + + + + + +
+ CSS 3 +
+ CSS 3 +
+ +		 + Python +
+ Python +
+ +
+ +## DevOps (4) + + + + + + + + + + +
+ Docker +
+ Docker +
+ +		 + Git +
+ Git +
+ +		 + GitHub Actions +
+ GitHub Actions +
+ +		 + PyPI +
+ PyPI +
+ +
+ +## Other (1) + + + + +
+ Shell +
+ Shell +
+ +
+ + +## Open source packages (2) + +## PyPI (2) + +|NAME|VERSION|LAST UPDATED|LAST UPDATED BY|LICENSE|VULNERABILITIES| +|:------|:------|:------|:------|:------|:------| +|[starlette](https://pypi.org/project/starlette)|v0.21.0|11/13/22|Sebastián Ramírez |BSD-3-Clause|[CVE-2024-24762](https://github.com/advisories/GHSA-2jv5-9r88-3w3p) (High)
[](https://github.com/advisories/GHSA-93gm-qmq6-w238) (High)
[](https://github.com/advisories/GHSA-qj8w-rv5x-2v9h) (High)
[CVE-2023-30798](https://github.com/advisories/GHSA-3qj8-93xh-pwh2) (High)
[](https://github.com/advisories/GHSA-74m5-2c7w-9w3x) (Moderate)
[CVE-2023-29159](https://github.com/advisories/GHSA-v5gw-mw7f-84px) (Low)| +|[pydantic](https://pypi.org/project/pydantic)|v1.6.2|11/13/22|Sebastián Ramírez |MIT|[CVE-2024-3772](https://github.com/advisories/GHSA-mr82-8j83-vxmv) (Moderate)| + +
+
+ +Generated via [Stack File](https://github.com/marketplace/stack-file)