codeql sa

.github/workflows/SA-codeql.yml

@@ -1,21 +1,9 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: CodeQL Security Scan
 
 on:
   push:
     branches: [ master ]
   pull_request:
-    # The branches below must be a subset of the branches above
     branches: [ master ]
 #   schedule:
 #     - cron: '15 17 * * 1'

.github/workflows/SA-phpstan.yml

@@ -1,36 +0,0 @@
-# This workflow runs PHPStan security analysis tool
-# More information: https://github.com/phpstan/phpstan
-name: PHPStan Security Scan
-on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
-jobs:
-  phpstan-security-scan:
-    name: PHPStan Security Scan
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v2
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: '8.0'
-          #coverage: none
-          ini-values: "memory_limit=-1"
-          #extensions: mbstring, intl
-      - name: Download deps
-        run: composer update --no-interaction --no-progress
-      - name: Download PHPStan
-        run: composer require --dev phpstan/phpstan
-      - name: Download Larastan v1 # (Laravel Framework 6.20.44), v2 is for Laravel >=9
-        run: composer require nunomaduro/larastan:^1.0 --dev
-      - name: Download mcrypt helper
-        run: wget https://raw.githubusercontent.com/JetBrains/phpstorm-stubs/master/mcrypt/mcrypt.php -O _mcrypt_helper.php
-      - name: Delete conflicting file
-        run: rm -f database/migrations/2015_11_05_183749_image.php
-      - name: Execute PHPStan
-        run: vendor/bin/phpstan analyze app config routes --no-progress --error-format=github -l 5
-        env: 
-          APP_KEY: APP_KEY_CREATED_FOR_PHPSTAN_SDLC

.github/workflows/SA-psalm.yml

@@ -1,57 +0,0 @@
-name: Psalm Security Scan
-on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
-jobs:
-  psalm-security-scan-basic:
-    name: Psalm Security Scan
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v2
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: '8.0'
-          coverage: none
-          ini-values: "memory_limit=-1"
-          extensions: mbstring, intl
-      - name: Download deps
-        run: composer update --no-interaction --no-progress
-      - name: Install laravel-ide-helper
-        run: composer require --dev barryvdh/laravel-ide-helper
-      - name: Download Psalm
-        run: composer require --dev vimeo/psalm
-      - name: PHPDoc generation for Laravel Facades
-        run: php artisan ide-helper:generate
-      - name: Download mcrypt helper
-        run: wget https://raw.githubusercontent.com/JetBrains/phpstorm-stubs/master/mcrypt/mcrypt.php -O _mcrypt_helper.php
-      - name: Execute Psalm
-        run: ./vendor/bin/psalm --long-progress --output-format=github --no-cache
-
-  psalm-security-scan-taint-analysis:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v2
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: '8.0'
-          coverage: none
-          ini-values: "memory_limit=-1"
-          extensions: mbstring, intl
-      - name: Download deps
-        run: composer update --no-interaction --no-progress
-      - name: Install laravel-ide-helper
-        run: composer require --dev barryvdh/laravel-ide-helper
-      - name: Download Psalm
-        run: composer require --dev vimeo/psalm
-      - name: Download mcrypt helper
-        run: wget https://raw.githubusercontent.com/JetBrains/phpstorm-stubs/master/mcrypt/mcrypt.php -O _mcrypt_helper.php
-      - name: PHPDoc generation for Laravel Facades
-        run: php artisan ide-helper:generate
-      - name: Execute Psalm (Taint Analysis)
-        run: ./vendor/bin/psalm --long-progress --output-format=github --taint-analysis

.github/workflows/SA-semgrep.yml

@@ -1,29 +0,0 @@
-name: Semgrep Security Scan
-
-on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
-
-permissions:
-  contents: read
-
-jobs:
-  semgrep-security-scan:
-    name: Semgrep Security Scan
-    runs-on: ubuntu-latest
-    # Skip any PR created by dependabot to avoid permission issues
-    if: (github.actor != 'dependabot[bot]')
-    steps:
-      # Fetch project source
-      - uses: actions/checkout@v2
-
-      - uses: returntocorp/semgrep-action@v1
-        with:
-          config: >- # more at semgrep.dev/explore
-            p/security-audit
-            p/secrets
-            p/phpcs-security-audit
-        env:
-          SEMGREP_TIMEOUT: 9900

dotenv.php

@@ -1,9 +0,0 @@
-<?php
-use Dotenv\Dotenv;
-
-require __DIR__ . '/vendor/autoload.php';
-
-$dotenv = Dotenv::create(dirname(__DIR__), 'snipe-it/.env.testing');
-$dotenv->load(__DIR__.'/.env');
-
-?>

phpstan.neon

@@ -1,14 +0,0 @@
-includes:
-    - ./vendor/nunomaduro/larastan/extension.neon
-parameters:
-    reportUnmatchedIgnoredErrors: false
-    bootstrapFiles:
-        # - dotenv.php
-        - c3.php
-        - _mcrypt_helper.php
-    ignoreErrors:
-        - '#PHPDoc tag .#'
-    excludePaths:
-        - tests/*
-        - vendor/*
-        - database/*

psalm.xml

@@ -1,23 +0,0 @@
-<?xml version="1.0"?>
-<psalm
-    errorLevel="7"
-    resolveFromConfigFile="true"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns="https://getpsalm.org/schema/config"
-    xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
->
-    <projectFiles>
-        <directory name="app" />
-        <ignoreFiles>
-            <directory name="vendor" />
-            <directory name="tests" />
-        </ignoreFiles>
-    </projectFiles>
-    <stubs>
-        <file name="_ide_helper.php" />
-        <file name="_mcrypt_helper.php" />
-    </stubs>
-    <issueHandlers>
-        <UndefinedDocblockClass errorLevel="suppress" />
-    </issueHandlers>
-</psalm>

public/js/plugins/chartjs/Chart.bundle.js

@@ -2431,7 +2431,7 @@ module.exports = {
 
     // LOCALES
 
-    var MONTHS_IN_FORMAT = /D[oD]?(\[[^\[\]]*\]|\s+)+MMMM?/;
+    var MONTHS_IN_FORMAT = /D[oD]?(\[[^\[\]]*\]|\s)+MMMM?/;
     var defaultLocaleMonths = 'January_February_March_April_May_June_July_August_September_October_November_December'.split('_');
     function localeMonths (m, format) {
         return isArray(this._months) ? this._months[m.month()] :