From 5e23ad2db1628d096eaf0f38b610011ed5c8fd65 Mon Sep 17 00:00:00 2001
From: B0zal <me@btz.pm>
Date: Fri, 25 Aug 2023 18:43:37 +0700
Subject: [PATCH 1/4] Security Update

Potentially unsafe external link
---
 app/components/sidebar.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/components/sidebar.tsx b/app/components/sidebar.tsx
index b0b778fc..634639f1 100644
--- a/app/components/sidebar.tsx
+++ b/app/components/sidebar.tsx
@@ -174,7 +174,7 @@ export function SideBar(props: { className?: string }) {
             </Link>
           </div>
           <div className={styles["sidebar-action"]}>
-            <a href={REPO_URL} target="_blank">
+            <a href={REPO_URL} target="_blank" rel="noopener noreferrer">
               <IconButton icon={<GithubIcon />} shadow />
             </a>
           </div>

From 22a6819f7b81b654fbb1632f425b42411f94cc98 Mon Sep 17 00:00:00 2001
From: B0zal <me@btz.pm>
Date: Fri, 25 Aug 2023 18:48:38 +0700
Subject: [PATCH 2/4] Security Update

[+] Protect Prototype
---
 app/utils/merge.ts | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/utils/merge.ts b/app/utils/merge.ts
index 758d6df8..fd7a4da9 100644
--- a/app/utils/merge.ts
+++ b/app/utils/merge.ts
@@ -1,9 +1,13 @@
 export function merge(target: any, source: any) {
   Object.keys(source).forEach(function (key) {
-    if (source[key] && typeof source[key] === "object") {
+    if (
+      source.hasOwnProperty(key) && // Check if the property is not inherited
+      source[key] &&
+      typeof source[key] === "object" || key === "__proto__" || key === "constructor"
+    ) {
       merge((target[key] = target[key] || {}), source[key]);
       return;
     }
     target[key] = source[key];
   });
-}
+} 
\ No newline at end of file

From 0ae57589a9cabc1a87dfb5fd056057133aae9b7d Mon Sep 17 00:00:00 2001
From: B0zal <me@btz.pm>
Date: Sun, 27 Aug 2023 06:09:55 +0700
Subject: [PATCH 3/4] This branch only for scanner

---
 .github/workflows/codeql.yml | 55 ++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 .github/workflows/codeql.yml

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 00000000..b75ec37b
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,55 @@
+# Modified by backtrackz
+# Mark TRAP cache skipped because it only a few lines
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '18 8 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      id: codeql
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"
+        codeql-path: /opt/hostedtoolcache/CodeQL/2.14.1/x64/codeql/codeql
+        upload-trap-cache: true
+        upload-trap-cache-exclude: '.*'
+
+    - name: Mark TRAP cache skipped
+      if: steps.codeql.outputs.upload_trap_cache_skipped == 'true'
+      run: echo "::set-output name=trap_cache_skipped::true"
+
+    - name: Start Analysis
+      if: steps.codeql.outputs.upload_trap_cache_skipped == 'false'
+      run: echo "Starting analysis..."
\ No newline at end of file

From 71d06647d07e22b3a1d114ef07bc4fe5373fc19d Mon Sep 17 00:00:00 2001
From: B0zal <me@btz.pm>
Date: Sun, 27 Aug 2023 09:15:05 +0700
Subject: [PATCH 4/4] Delete codeql.yml

it won't work if someone try, must have licence advance security
---
 .github/workflows/codeql.yml | 55 ------------------------------------
 1 file changed, 55 deletions(-)
 delete mode 100644 .github/workflows/codeql.yml

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
deleted file mode 100644
index b75ec37b..00000000
--- a/.github/workflows/codeql.yml
+++ /dev/null
@@ -1,55 +0,0 @@
-# Modified by backtrackz
-# Mark TRAP cache skipped because it only a few lines
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ "main" ]
-  pull_request:
-    branches: [ "main" ]
-  schedule:
-    - cron: '18 8 * * 2'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
-    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript' ]
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
-
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
-
-    - name: Perform CodeQL Analysis
-      id: codeql
-      uses: github/codeql-action/analyze@v2
-      with:
-        category: "/language:${{matrix.language}}"
-        codeql-path: /opt/hostedtoolcache/CodeQL/2.14.1/x64/codeql/codeql
-        upload-trap-cache: true
-        upload-trap-cache-exclude: '.*'
-
-    - name: Mark TRAP cache skipped
-      if: steps.codeql.outputs.upload_trap_cache_skipped == 'true'
-      run: echo "::set-output name=trap_cache_skipped::true"
-
-    - name: Start Analysis
-      if: steps.codeql.outputs.upload_trap_cache_skipped == 'false'
-      run: echo "Starting analysis..."
\ No newline at end of file