chore(deps): update dependency @faker-js/faker to v10

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@faker-js/faker (source)	9.9.0 → 10.5.0

---

Release Notes

faker-js/faker (@​faker-js/faker)

v10.5.0

Compare Source

New Locales

• locale: add color to cy (#​3816) (5a6379f)
• locale: add Farsi airline module locale (#​3789) (f4a1c3e)
• locale: add mn_MN_cyrl (Mongolian) locale (#​3796) (d17c0f1)
• locale: Add more realistic Greek address data (#​3792) (6153eb7)
• locale: Add postal_address and improved secondary_address for es (#​3798) (6c2a0ab)
• locale: add sl_SI locale, location module (#​3652) (28d4f7c)
• locale: add Welsh (cy) animal type definitions (#​3842) (50a5ec9)
• locale: add Welsh (cy) book format definitions (#​3846) (#​3846) (2b32d6e)
• locale: add Welsh (cy) building numbers definition (#​3892) (4996a2b)
• locale: add Welsh (cy) city name definitions (#​3884) (ac36c22)
• locale: add Welsh (cy) continents definitions (#​3880) (03a1682)
• locale: add Welsh (cy) county definitions (#​3849) (f51d28a)
• locale: add Welsh (cy) direction definitions (#​3840) (d862071)
• locale: add Welsh (cy) internet domain suffix definitions (#​3865) (#​3865) (fb2e2cb)
• locale: add Welsh (cy) phone number definitions (#​3878) (70994db)
• locale: add Welsh (cy) postal address definitions (#​3850) (e72fd7c)
• locale: add Welsh (cy) postcode definitions (#​3851) (1afbd59)
• locale: add Welsh (cy) sex definitions (#​3824) (6f29eb7)
• locale: add Welsh (cy) state definitions (#​3891) (#​3891) (606d47c)
• locale: add Welsh (cy) street name definitions (#​3889) (143789e)
• locale: add Welsh (cy) vehicle fuel definitions (#​3845) (29c918a)
• locale: extend tr person last names (#​3839) (f433771)
• locale: improved en_GB postcodes (#​3864) (a4e5039)
• locale: improved en_IE postal_address (#​3797) (fb3ffd3)

Features

• add first standalone module functions (#​3818) (5d4f5de)
• date: add ability to provide date range for recent and soon (#​3844) (0bc038d)
• date: add ability to provide year range for past and future (#​3783) (237e7dc)
• food: expand plant-based dish and pattern variety (#​3887) (5eaf729)
• introduce FakerCore (#​2838) (68e15d7)
• location: add postal address generation (#​3760) (753bec6)
• number: add distributor functions (#​3375) (325e402)
• phone: mobile style for phone.number (#​3583) (cd5953b)

Bug Fixes

• date: incorrect date boundary in past and future (#​3827) (0446411)
• finance: routingNumber now uses real FederalReserveRoutingSymbol from lookup table. (#​3429) (c53c1fe)
• food: correct fruit and vegetable locale data (#​3800) (30a812a)
• handle single-character fromRegExp patterns (#​3877) (ec6cc3b)
• helpers: ignore wrapper characters in fromRegExp (#​3795) (9e2c0e3)
• helpers: lazy results in fake (#​3852) (5458620)
• hide warnings for permanently disabled test stubs (#​3860) (03252b9)
• link release checklist in release PR workflow (#​3802) (8436c4f)
• locale: changed farsi phone locales to correct ones (#​3775) (5e1ce98)
• locale: phone numbers for en_AU (#​3788) (eba7d99)
• locale: remove citation brackets from snake names (#​3822) (bda44d0)
• locale: typo in de_CH last name (#​3799) (17138d8)
• validate unsupported fileExt mime types (#​3879) (d11b5d3)

v10.4.0

Compare Source

New Locales

• locale: add Japanese bear definitions (#​3720) (2a4b15c)
• locale: add Japanese bird definitions (#​3719) (dc31ff8)
• locale: add Japanese cat breed definitions (#​3716) (54af8a8)
• locale: add Japanese cattle breed definitions (#​3717) (c2c7342)
• locale: add Japanese fish definitions (#​3721) (15fc361)
• locale: add Japanese horse breed definitions (#​3718) (e02536e)
• locale: add Norwegian (nb_NO) country definition (#​3714) (614b4e9)

Features

• fi locale phone numbers (#​3747) (7afa8b5)
• food: add plant-based dish variety (#​3745) (41edf49)

Changed Locales

• locale: filter and cleanup PersonEntryDefintions data (#​3266) (67defc8)

Bug Fixes

• locales: correct typos and capitalization in es_MX street names (#​3737) (2b32c28)

v10.3.0

Compare Source

New Locales

• locale: add Japanese dog definition (#​3715) (76c9df1)
• locale: add Japanese color definitions (#​3707) (bbbb215)
• locale: add Japanese food module (#​3706) (71d55c0)
• locale: add Japanese internet definitions (#​3708) (184a709)
• locale: add Japanese job definitions for person module (#​3705) (e7f3ccd)
• locale: add Japanese suffix definitions for person module (#​3704) (45ad7d8)
• locale: add Norwegian (nb_NO) continent definitions (#​3712) (c0f0f23)
• locale: add Norwegian (nb_NO) direction definition (#​3713) (43b18fa)
• locale: add Norwegian (nb_NO) sex definitions (#​3710) (76063f2)
• locale: add Norwegian (nb_NO) vehicle definition (#​3732) (d1c32b0)

Features

• locales: add Norwegian (nb_NO) zodiac sign definitions (#​3711) (e306542)
• person: sexType can return 'generic' (#​3259) (0e099a1)
• string: support uuid v7 (#​3701) (87c2753)

Changed Locales

• locale: normalize system locale data (#​3702) (ba91653)

Bug Fixes

• locale: remove empty string from Hebrew lorem words (#​3698) (81a896c)
• location: state name to 'Trøndelag' for nb_NO (#​3691) (eaef389)

v10.2.0

Compare Source

New Locales

• locale: add bn_BD location module (#​3614) (99a448c)
• locale: add counties & states to nb_NO location (#​3617) (3dbcbe1)
• locale: add da states (regions) (#​3656) (78c892b)
• locale: add id_ID translation for animal, color, commerce, and word also add country to location id_ID translation. (#​3608) (02c2c3e)
• locale: add ku_kmr_latin locale (#​3629) (247f42d)
• locale: add person module data to ku_ckb (#​3630) (6be2c20)

Features

• Add support for UPC (#​3648) (57b2d78)
• commerce: allow for locale-specific product name patterns (#​3657) (1cf3991)
• finance: add IR iban (#​3678) (101a74a)
• locales: add sl_SI locale, person module (#​3564) (e7c9945)
• location: Hungarian support for city name, full street address, continents, countries and directions (hu) (#​3618) (2c9aefd)

Bug Fixes

• food: move raspberry from vegetable to fruit (#​3650) (6a4f01f)
• locale: endonym should be in Latin script (#​3660) (4cda07f)
• locale: remove additional inappropriate words from ja locale (#​3665) (18a1554)
• locale: remove offensive and inappropriate words from ja locale (#​3661) (8310c8c)
• locale: remove some negative hu words (#​3664) (bd36bae)
• location: Use accents in en country names (#​3637) (24aa11f)
• vehicle: Updated spelling Mercielago to Murcielago (#​3636) (bfb1bdb)

v10.1.0

Compare Source

New Locales

• locale: Add ku_ckb locale (#​3441) (9de894a)
• locale: add Russian localization for book module (#​3628) (428ff33)

Bug Fixes

• locale: fix the Spring Airlines IATA Code (#​3612) (b547045)

v10.0.0

Compare Source

New Locales

• locale: extended list of colors in Polish (#​3586) (9940d54)

Features

• locales: add animal vocabulary(bear, bird, cat, rabbit, pet_name) in Korean (#​3535) (0d2143c)

Changed Locales

• locale: remove invalid credit card issuer patterns (#​3568) (9783d95)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[kodiakhq]

This PR currently has a merge conflict. Please resolve this and then re-add the automerge label.

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ COPYPASTE	jscpd	yes		no	no	3.6s
✅ EDITORCONFIG	editorconfig-checker	2		0	0	0.03s
✅ JSON	jsonlint	1		0	0	0.52s
✅ JSON	npm-package-json-lint	yes		no	no	0.51s
⚠️ JSON	prettier	1	0	1	0	0.46s
✅ JSON	v8r	1		0	0	8.75s
❌ REPOSITORY	checkov	yes		5	no	23.57s
❌ REPOSITORY	devskim	yes		45	no	172.57s
✅ REPOSITORY	dustilock	yes		no	no	1.07s
✅ REPOSITORY	git_diff	yes		no	no	0.03s
❌ REPOSITORY	grype	yes		92	no	63.14s
❌ REPOSITORY	kingfisher	yes		1	no	6.65s
❌ REPOSITORY	osv-scanner	yes		92	no	3.53s
❌ REPOSITORY	secretlint	yes		1	no	1.47s
✅ REPOSITORY	syft	yes		no	no	5.82s
⚠️ REPOSITORY	trivy	yes		1	no	16.38s
✅ REPOSITORY	trivy-sbom	yes		no	no	3.83s
✅ REPOSITORY	trufflehog	yes		no	no	3.96s
✅ SPELL	cspell	3		0	0	2.64s
❌ SPELL	lychee	2		1	0	0.82s
✅ YAML	prettier	1	0	0	0	0.51s
✅ YAML	v8r	1		0	0	1.4s
❌ YAML	yamllint	1		4	0	5.58s

Detailed Issues

❌ REPOSITORY / checkov - 5 errors

dockerfile scan results:

Passed checks: 77, Failed checks: 1, Skipped checks: 0

Check: CKV_DOCKER_3: "Ensure that a user for the container has been created"
	FAILED for resource: /Dockerfile.
	File: /Dockerfile:1-47
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created

		1  | ARG NODE_VERSION=lts-slim
		2  | 
		3  | FROM node:${NODE_VERSION} AS dependencies
		4  | 
		5  | WORKDIR /app
		6  | 
		7  | ENV PNPM_HOME="/pnpm"
		8  | ENV PATH="$PNPM_HOME:$PATH"
		9  | 
		10 | RUN --mount=type=cache,id=pnpm-store,target=/pnpm/store \
		11 |     --mount=type=bind,source=package.json,target=/app/package.json \
		12 |     --mount=type=bind,source=pnpm-lock.yaml,target=/app/pnpm-lock.yaml \
		13 |     corepack enable && \
		14 |     pnpm install --frozen-lockfile --strict-peer-dependencies
		15 | 
		16 | FROM dependencies AS builder
		17 | 
		18 | COPY --chown=node:node src/ /app/src
		19 | 
		20 | RUN --mount=type=bind,source=package.json,target=/app/package.json \
		21 |     --mount=type=bind,source=nest-cli.json,target=/app/nest-cli.json \
		22 |     --mount=type=bind,source=tsconfig.json,target=/app/tsconfig.json \
		23 |     --mount=type=bind,source=tsconfig.build.json,target=/app/tsconfig.build.json \
		24 |     pnpm build
		25 | 
		26 | FROM builder AS pruner
		27 | 
		28 | RUN --mount=type=cache,id=pnpm-store,target=/pnpm/store \
		29 |     --mount=type=bind,source=package.json,target=/app/package.json \
		30 |     --mount=type=bind,source=pnpm-lock.yaml,target=/app/pnpm-lock.yaml \
		31 |     pnpm prune --prod --ignore-scripts
		32 | 
		33 | FROM gcr.io/distroless/nodejs22-debian12:nonroot
		34 | 
		35 | WORKDIR /app
		36 | 
		37 | ENV PORT=3000
		38 | 
		39 | COPY --chown=nonroot:nonroot --from=pruner /app/node_modules ./node_modules
		40 | COPY --chown=nonroot:nonroot --from=builder /app/dist .
		41 | COPY --chown=nonroot:nonroot CHANGELOG.md LICENSE package.json /app/
		42 | 
		43 | EXPOSE ${PORT}
		44 | 
		45 | HEALTHCHECK --interval=30s --timeout=2s --start-period=10s --retries=2 CMD [ "/nodejs/bin/node", "bin/health-checker.js" ]
		46 | 
		47 | CMD ["main.js"]
github_actions scan results:

Passed checks: 212, Failed checks: 4, Skipped checks: 0

Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(CodeQL)
	File: /.github/workflows/codeql-analysis.yml:27-28
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Release)
	File: /.github/workflows/release.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(CI)
	File: /.github/workflows/ci.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Publish)
	File: /.github/workflows/publish.yml:11-12

❌ REPOSITORY / devskim - 45 errors

region":{"startLine":3709,"startColumn":107,"endLine":3709,"endColumn":110,"charOffset":166621,"charLength":3,"snippet":{"text":"mD2","rendered":{"text":"mD2","markdown":"`mD2`"}},"sourceLanguage":"yaml"}}}],"fixes":[],"properties":{"tags":["Cryptography.BannedHashAlgorithm"],"DevSkimSeverity":"Critical","DevSkimConfidence":"High"}},{"ruleId":"DS126858","level":"error","message":{"text":"Weak/Broken Hash Algorithm"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pnpm-lock.yaml"},"region":{"startLine":3266,"startColumn":101,"endLine":3266,"endColumn":104,"charOffset":147197,"charLength":3,"snippet":{"text":"Md4","rendered":{"text":"Md4","markdown":"`Md4`"}},"sourceLanguage":"yaml"}}}],"fixes":[],"properties":{"tags":["Cryptography.BannedHashAlgorithm"],"DevSkimSeverity":"Critical","DevSkimConfidence":"High"}},{"ruleId":"DS126858","level":"error","message":{"text":"Weak/Broken Hash Algorithm"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pnpm-lock.yaml"},"region":{"startLine":1257,"startColumn":109,"endLine":1257,"endColumn":112,"charOffset":57730,"charLength":3,"snippet":{"text":"mD4","rendered":{"text":"mD4","markdown":"`mD4`"}},"sourceLanguage":"yaml"}}}],"fixes":[],"properties":{"tags":["Cryptography.BannedHashAlgorithm"],"DevSkimSeverity":"Critical","DevSkimConfidence":"High"}},{"ruleId":"DS126858","level":"error","message":{"text":"Weak/Broken Hash Algorithm"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pnpm-lock.yaml"},"region":{"startLine":950,"startColumn":91,"endLine":950,"endColumn":94,"charOffset":43435,"charLength":3,"snippet":{"text":"mD5","rendered":{"text":"mD5","markdown":"`mD5`"}},"sourceLanguage":"yaml"}}}],"fixes":[],"properties":{"tags":["Cryptography.BannedHashAlgorithm"],"DevSkimSeverity":"Critical","DevSkimConfidence":"High"}},{"ruleId":"DS126858","level":"error","message":{"text":"Weak/Broken Hash Algorithm"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pnpm-lock.yaml"},"region":{"startLine":902,"startColumn":61,"endLine":902,"endColumn":64,"charOffset":41182,"charLength":3,"snippet":{"text":"Md5","rendered":{"text":"Md5","markdown":"`Md5`"}},"sourceLanguage":"yaml"}}}],"fixes":[],"properties":{"tags":["Cryptography.BannedHashAlgorithm"],"DevSkimSeverity":"Critical","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":".devcontainer/docker-compose.yml"},"region":{"startLine":24,"startColumn":50,"endLine":24,"endColumn":59,"charOffset":717,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/auth.end2end.spec.ts"},"region":{"startLine":188,"startColumn":20,"endLine":188,"endColumn":29,"charOffset":5337,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"typescript"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS197836","level":"error","message":{"text":"Do not take the hash of low-entropy content."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pnpm-lock.yaml"},"region":{"startLine":714,"startColumn":28,"endLine":714,"endColumn":53,"charOffset":31884,"charLength":25,"snippet":{"text":"sha512-hO+ga+uYZ/WA4OtiME","rendered":{"text":"sha512-hO+ga+uYZ/WA4OtiME","markdown":"`sha512-hO+ga+uYZ/WA4OtiME`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Cryptography.HashAlgorithm.InsufficientEntropy"],"DevSkimSeverity":"Important","DevSkimConfidence":"High"}}],"columnKind":"utf16CodeUnits"}]}

(Truncated to last 4000 characters out of 313729)

❌ REPOSITORY / grype - 92 errors

4.17.21    4.17.23   npm   GHSA-xxjr-mmjv-4gpg  Medium    0.3% (23rd)  0.2    
lodash-es             4.17.21    4.17.23   npm   GHSA-xxjr-mmjv-4gpg  Medium    0.3% (23rd)  0.2    
uuid                  9.0.1      11.1.1    npm   GHSA-w5hq-g745-h8pq  Medium    0.3% (22nd)  0.2    
lodash                4.17.21    4.18.0    npm   GHSA-f23m-r3pf-42rh  Medium    0.3% (21st)  0.2    
lodash                4.17.23    4.18.0    npm   GHSA-f23m-r3pf-42rh  Medium    0.3% (21st)  0.2    
lodash-es             4.17.21    4.18.0    npm   GHSA-f23m-r3pf-42rh  Medium    0.3% (21st)  0.2    
qs                    6.14.0     6.14.2    npm   GHSA-w7fw-mjwx-w883  Low       0.5% (37th)  0.2    
diff                  4.0.2      4.0.4     npm   GHSA-73rr-hh4g-fpgx  Low       0.5% (39th)  0.1    
jws                   3.2.2      3.2.3     npm   GHSA-869p-cjfg-cm3x  High      0.2% (9th)   0.1    
qs                    6.14.0     6.15.2    npm   GHSA-q8mj-m7cp-5q26  Medium    0.3% (18th)  0.1    
qs                    6.15.0     6.15.2    npm   GHSA-q8mj-m7cp-5q26  Medium    0.3% (18th)  0.1    
multer                2.0.2      2.2.0     npm   GHSA-3p4h-7m6x-2hcm  Medium    0.3% (19th)  0.1    
@nestjs/core          10.4.22    11.1.18   npm   GHSA-36xv-jgw5-4q75  Medium    0.2% (14th)  0.1    
undici                7.22.0     7.28.0    npm   GHSA-pr7r-676h-xcf6  Medium    0.2% (13th)  0.1    
undici                6.14.1     6.24.0    npm   GHSA-4992-7rv2-5pvq  Medium    0.3% (16th)  0.1    
undici                6.23.0     6.24.0    npm   GHSA-4992-7rv2-5pvq  Medium    0.3% (16th)  0.1    
undici                7.22.0     7.24.0    npm   GHSA-4992-7rv2-5pvq  Medium    0.3% (16th)  0.1    
undici                6.14.1     6.19.2    npm   GHSA-3g92-w8c5-73pq  Low       0.5% (36th)  0.1    
brace-expansion       1.1.11     1.1.12    npm   GHSA-v6h2-p8h4-qcjw  Low       0.4% (35th)  0.1    
brace-expansion       2.0.1      2.0.2     npm   GHSA-v6h2-p8h4-qcjw  Low       0.4% (35th)  0.1    
brace-expansion       5.0.4      5.0.6     npm   GHSA-jxxr-4gwj-5jf2  Medium    0.2% (10th)  0.1    
undici                6.14.1     6.27.0    npm   GHSA-p88m-4jfj-68fv  Medium    0.2% (10th)  0.1    
undici                6.23.0     6.27.0    npm   GHSA-p88m-4jfj-68fv  Medium    0.2% (10th)  0.1    
undici                7.22.0     7.28.0    npm   GHSA-p88m-4jfj-68fv  Medium    0.2% (10th)  0.1    
tmp                   0.0.33     0.2.4     npm   GHSA-52f5-9888-hmc6  Low       0.3% (22nd)  < 0.1  
undici                6.14.1     6.21.2    npm   GHSA-cxrh-j4jr-qwg3  Low       0.3% (16th)  < 0.1  
webpack               5.97.1     5.104.0   npm   GHSA-38r7-794h-5758  Low       0.2% (9th)   < 0.1  
webpack               5.97.1     5.104.1   npm   GHSA-8fgc-7cc6-rx7x  Low       0.2% (9th)   < 0.1  
undici                6.14.1     6.27.0    npm   GHSA-g8m3-5g58-fq7m  Low       0.2% (9th)   < 0.1  
undici                6.23.0     6.27.0    npm   GHSA-g8m3-5g58-fq7m  Low       0.2% (9th)   < 0.1  
undici                7.22.0     7.28.0    npm   GHSA-g8m3-5g58-fq7m  Low       0.2% (9th)   < 0.1  
undici                6.14.1     6.27.0    npm   GHSA-35p6-xmwp-9g52  Low       0.2% (7th)   < 0.1  
undici                6.23.0     6.27.0    npm   GHSA-35p6-xmwp-9g52  Low       0.2% (7th)   < 0.1  
undici                7.22.0     7.28.0    npm   GHSA-35p6-xmwp-9g52  Low       0.2% (7th)   < 0.1  
serialize-javascript  6.0.1      7.0.3     npm   GHSA-5c6j-r48x-rmvq  High      N/A          N/A    
follow-redirects      1.15.9     1.16.0    npm   GHSA-r4q5-vmmm-2653  Medium    N/A          N/A    
js-yaml               3.14.1     4.2.0     npm   GHSA-h67p-54hq-rp68  Medium    N/A          N/A    
js-yaml               4.1.0      4.2.0     npm   GHSA-h67p-54hq-rp68  Medium    N/A          N/A    
@babel/core           7.27.4     7.29.6    npm   GHSA-4x5r-pxfx-6jf8  Low       N/A          N/A
[0062] ERROR discovered vulnerabilities at or above the severity threshold

(Truncated to last 4000 characters out of 9608)

❌ REPOSITORY / kingfisher - 1 error

New Kingfisher release 1.103.0 available
 INFO kingfisher: Launching with 8 concurrent scan jobs. Use --num-jobs to override.
 INFO kingfisher::rule_loader: Loaded 921 rules
 INFO kingfisher::scanner::runner: Starting secret validation phase...
POSTGRES URL WITH HARDCODED PASSWORD => [KINGFISHER.POSTGRES.1]
 |Finding.......: [REDACTED:46313fb2]
 |Fingerprint...: 2034115162828868254
 |Confidence....: medium
 |Entropy.......: 3.87
 |Validation....: Inactive Credential
 |__Response....: Postgres connection failed.
 |Language......: YAML
 |Line Num......: 24
 |Path..........: ./.devcontainer/docker-compose.yml


==========================================
Scan Summary:
==========================================
 |Findings....................: 1
 |__Successful Validations....: 0
 |__Failed Validations........: 1
 |__Skipped Validations.......: 0
 |Rules Applied...............: 921
 |__Blobs Scanned.............: 226
 |Bytes Scanned...............: 8.19 MiB
 |Scan Duration...............: 102ms 742us 784ns
 |Scan Date...................: 2026-06-20 21:35:39 +00:00
 |Kingfisher Version..........: 1.99.0
 |__Latest Version............: 1.103.0
New Kingfisher release 1.103.0 available

❌ SPELL / lychee - 1 error

📝 Summary
---------------------
🔍 Total............7
🔗 Unique...........4
✅ Successful.......1
⏳ Timeouts.........0
🔀 Redirected.......1
👻 Excluded.........5
❓ Unknown..........0
🚫 Errors...........1
⛔ Unsupported......1

Errors in pnpm-lock.yaml
[403] https://www.npmjs.com/support (at 2286:65) | Rejected status code: 403 Forbidden

Hint: Followed 1 redirect. You might want to consider replacing redirecting URLs with the resolved URLs. Use verbose mode (`-v`/`-vv`) to see redirection details.
Hint: You can configure accepted/rejected response codes with `-a` or `--accept`

❌ REPOSITORY / osv-scanner - 92 errors

| https://osv.dev/GHSA-g8m3-5g58-fq7m | 3.7  | npm       | undici               | 6.14.1  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-g9mf-h72j-4rw9 | 5.9  | npm       | undici               | 6.14.1  | 6.23.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-p88m-4jfj-68fv | 5.9  | npm       | undici               | 6.14.1  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-v9p9-hfj2-hcw8 | 7.5  | npm       | undici               | 6.14.1  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-vrm6-8vpv-qv8q | 7.5  | npm       | undici               | 6.14.1  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-vxpw-j846-p89q | 7.5  | npm       | undici               | 6.14.1  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-2mjp-6q6p-2qxm | 6.5  | npm       | undici               | 6.23.0  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-35p6-xmwp-9g52 | 3.7  | npm       | undici               | 6.23.0  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-4992-7rv2-5pvq | 4.6  | npm       | undici               | 6.23.0  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-f269-vfmq-vjvj | 7.5  | npm       | undici               | 6.23.0  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-g8m3-5g58-fq7m | 3.7  | npm       | undici               | 6.23.0  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-p88m-4jfj-68fv | 5.9  | npm       | undici               | 6.23.0  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-v9p9-hfj2-hcw8 | 7.5  | npm       | undici               | 6.23.0  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-vrm6-8vpv-qv8q | 7.5  | npm       | undici               | 6.23.0  | 6.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-vxpw-j846-p89q | 7.5  | npm       | undici               | 6.23.0  | 6.27.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-2mjp-6q6p-2qxm | 6.5  | npm       | undici               | 7.22.0  | 7.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-35p6-xmwp-9g52 | 3.7  | npm       | undici               | 7.22.0  | 7.28.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-4992-7rv2-5pvq | 4.6  | npm       | undici               | 7.22.0  | 7.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-f269-vfmq-vjvj | 7.5  | npm       | undici               | 7.22.0  | 7.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-g8m3-5g58-fq7m | 3.7  | npm       | undici               | 7.22.0  | 7.28.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-p88m-4jfj-68fv | 5.9  | npm       | undici               | 7.22.0  | 7.28.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-phc3-fgpg-7m6h | 5.9  | npm       | undici               | 7.22.0  | 7.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-pr7r-676h-xcf6 | 5.9  | npm       | undici               | 7.22.0  | 7.28.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-v9p9-hfj2-hcw8 | 7.5  | npm       | undici               | 7.22.0  | 7.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-vrm6-8vpv-qv8q | 7.5  | npm       | undici               | 7.22.0  | 7.24.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-vxpw-j846-p89q | 7.5  | npm       | undici               | 7.22.0  | 7.28.0        | pnpm-lock.yaml |
| https://osv.dev/GHSA-w5hq-g745-h8pq | 7.5  | npm       | uuid                 | 9.0.1   | 11.1.1        | pnpm-lock.yaml |
| https://osv.dev/GHSA-38r7-794h-5758 | 3.7  | npm       | webpack              | 5.97.1  | 5.104.0       | pnpm-lock.yaml |
| https://osv.dev/GHSA-8fgc-7cc6-rx7x | 3.7  | npm       | webpack              | 5.97.1  | 5.104.1       | pnpm-lock.yaml |
| https://osv.dev/GHSA-58qx-3vcg-4xpx | 4.4  | npm       | ws                   | 8.18.1  | 8.20.1        | pnpm-lock.yaml |
| https://osv.dev/GHSA-96hv-2xvq-fx4p | 7.5  | npm       | ws                   | 8.18.1  | 8.21.0        | pnpm-lock.yaml |
+-------------------------------------+------+-----------+----------------------+---------+---------------+----------------+

(Truncated to last 4000 characters out of 12372)

❌ REPOSITORY / secretlint - 1 error

.devcontainer/docker-compose.yml
  24:21  error  [PostgreSQLConnection] found PostgreSQL connection string: ****************************************************  @secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-database-connection-string

.github/workflows/ci.yml
  89:24  error  [PostgreSQLConnection] found PostgreSQL connection string: *************************************************  @secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-database-connection-string
  95:24  error  [PostgreSQLConnection] found PostgreSQL connection string: *************************************************  @secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-database-connection-string

✖ 3 problems (3 errors, 0 warnings, 0 infos)

❌ YAML / yamllint - 4 errors

pnpm-lock.yaml
  1:1       warning  missing document start "---"  (document-start)
  40:501    error    line too long (545 > 500 characters)  (line-length)
  10071:501 error    line too long (537 > 500 characters)  (line-length)
  10206:501 error    line too long (584 > 500 characters)  (line-length)

⚠️ JSON / prettier - 1 error

[error] Cannot find package 'prettier-plugin-toml' imported from noop.js

⚠️ REPOSITORY / trivy - 1 error

│        │                   │ 6.27.0, 7.28.0, 8.5.0                                   │ undici: undici: Weakening of cookie SameSite policy due to   │
│                 │                │          │        │                   │                                                         │ incorrect parsing of...                                      │
│                 │                │          │        │                   │                                                         │ https://avd.aquasec.com/nvd/cve-2026-11525                   │
│                 ├────────────────┤          │        │                   │                                                         ├──────────────────────────────────────────────────────────────┤
│                 │ CVE-2026-6733  │          │        │                   │                                                         │ undici: Undici: Response queue poisoning on reused           │
│                 │                │          │        │                   │                                                         │ keep-alive sockets can lead to...                            │
│                 │                │          │        │                   │                                                         │ https://avd.aquasec.com/nvd/cve-2026-6733                    │
├─────────────────┼────────────────┼──────────┤        ├───────────────────┼─────────────────────────────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ uuid            │ CVE-2026-41907 │ MEDIUM   │        │ 9.0.1             │ 11.1.1, 12.0.1, 13.0.1                                  │ uuid: uuid: Out-of-bounds write vulnerability impacts data   │
│                 │                │          │        │                   │                                                         │ integrity and confidentiality                                │
│                 │                │          │        │                   │                                                         │ https://avd.aquasec.com/nvd/cve-2026-41907                   │
└─────────────────┴────────────────┴──────────┴────────┴───────────────────┴─────────────────────────────────────────────────────────┴──────────────────────────────────────────────────────────────┘

.devcontainer/Dockerfile (dockerfile)
=====================================
Tests: 27 (SUCCESSES: 25, FAILURES: 2)
Failures: 2 (UNKNOWN: 0, LOW: 1, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds-0002
────────────────────────────────────────


DS-0026 (LOW): Add HEALTHCHECK instruction in your Dockerfile
════════════════════════════════════════
You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.

See https://avd.aquasec.com/misconfig/ds-0026
────────────────────────────────────────



Dockerfile (dockerfile)
=======================
Tests: 27 (SUCCESSES: 26, FAILURES: 1)
Failures: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds-0002
────────────────────────────────────────



📣 Notices:
  - Version 0.71.2 of Trivy is now available, current version is 0.70.0

To suppress version checks, run Trivy scans with the --skip-version-check flag

(Truncated to last 4000 characters out of 33437)

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

Show us your support by starring ⭐ the repository