Psalm static code analysis

[stable32] build(deps-dev): bump @zip.js/zip.js from 2.8.11 to 2.8.15 #71922

Sign in to view logs

Triggered via pull request January 17, 2026 02:53

dependabot[bot]

opened #57615

dependabot/npm_and_yarn/stable32/zip.js/zip.js-2.8.15

Status Success

Total duration 22m 31s

Artifacts –

static-code-analysis.yml

on: pull_request

static-code-analysis

static-code-analysis-security

static-code-analysis-ocp

static-code-analysis-ncu

Annotations

2 errors and 1 warning

TaintedCallable: apps/workflowengine/lib/Manager.php#L495

apps/workflowengine/lib/Manager.php:495:39: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

TaintedCallable: apps/workflowengine/lib/Manager.php#L462

apps/workflowengine/lib/Manager.php:462:38: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

static-code-analysis-security

This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. As a result, it will not be opted into any experimental features. This could be because the Action is running on a pull request from a fork. If not, please ensure the Action has the 'security-events: write' permission. Details: Resource not accessible by integration - https://docs.github.com/rest