skeleton POC #16728

vleague2 · 2025-10-03T16:34:04Z

🎟️ Tracking

📔 Objective

📸 Screenshots

⏰ Reminders before review

Contributor guidelines followed
All formatters and local linters executed and passed
Written new unit and / or integration tests where applicable
Protected functional changes with optionality (feature flags)
Used internationalization (i18n) for all UI strings
CI builds passed
Communicated to DevOps any deployment requirements
Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

👍 (:+1:) or similar for great changes
📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
❓ (:question:) for questions
🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
🎨 (:art:) for suggestions / improvements
❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
⛏ (:pick:) for minor or nitpick changes

sonarqubecloud · 2025-10-03T16:36:55Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

github-actions · 2025-10-03T16:42:32Z

Checkmarx One – Scan Summary & Details – 9cab42e4-a722-4c46-856f-235f8a124c91

New Issues (17)

Checkmarx found the following issues in this Pull Request

Issue	Source File / Package	Checkmarx Insight
CVE-2025-10585	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML p... Attack Vector: NETWORK Attack Complexity: LOW `ID: XILUQq4pHU248fUNQiTA8RiEeobGjiVUza%2F1bfPOwCs%3D` Vulnerable Package
CVE-2025-10200	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Use After Free in 'ServiceWorker' in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corrupt... Attack Vector: NETWORK Attack Complexity: LOW `ID: dFpBON%2FiI9kqnm3NWziVshxEsdYMDvdj0g9fBPqgU6w%3D` Vulnerable Package
CVE-2025-10500	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Use After Free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... Attack Vector: NETWORK Attack Complexity: LOW `ID: qVM%2FW7t4kA6ZrY85ekSu0nnJnZE3TxnDHPGUXPvUxXs%3D` Vulnerable Package
CVE-2025-10891	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... Attack Vector: NETWORK Attack Complexity: LOW `ID: %2Fr13dM5AOK%2BJu1MSrfNvOB7AsxgPpEaFJC%2FAGHvRaqE%3D` Vulnerable Package
CVE-2025-10892	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Integer Overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML... Attack Vector: NETWORK Attack Complexity: LOW `ID: nUwAGde7jWQrH4JeGJesEOeO2ILI6ihlJtTcL0CbdHs%3D` Vulnerable Package
CVE-2025-8880	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Race in V8 in Google Chrome through 139.0.7258.126 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Attack Vector: NETWORK Attack Complexity: LOW `ID: IcKSVngsKTGJ2x%2FouWY775A6sBX7C%2FbBwEUDfmOEOLo%3D` Vulnerable Package
CVE-2025-8882	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to... Attack Vector: NETWORK Attack Complexity: LOW `ID: LmIfRoz6KJLgc2q40uNeadMS%2FXoWz4%2FhelWD8CBy9gY%3D` Vulnerable Package
CVE-2025-8901	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Out-of-bounds Write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out-of-bounds memory access via a crafte... Attack Vector: NETWORK Attack Complexity: LOW `ID: J9dMyrI0iKyewjj4tIcVWSH7M4mtB8cHqbrZGU5vFPg%3D` Vulnerable Package
CVE-2025-9132	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Out-of-bounds Write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted H... Attack Vector: NETWORK Attack Complexity: LOW `ID: QJSHYm7dNXwZT%2B0CDIHql8XLo4m7o5j5sz6IRfsdDuw%3D` Vulnerable Package
CVE-2025-9478	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM... Attack Vector: NETWORK Attack Complexity: LOW `ID: 24lZBPyP1i6bV2gDwapngg5%2FzzNJRaL1nTP3UdrYirw%3D` Vulnerable Package
CVE-2025-9864	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Use After Free in V8 in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Attack Vector: NETWORK Attack Complexity: LOW `ID: XvO4aJDShPT1ixtsVR%2FHbhnbbwzvTB%2FqcQuPxox6aiA%3D` Vulnerable Package
CVE-2025-9866	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via ... Attack Vector: NETWORK Attack Complexity: LOW `ID: qQzo5IPNt7x1ZRfwKJpKNoa6Xe3uQ04mLlTTTYpWWJs%3D` Vulnerable Package
CVE-2025-10890	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: The google chrome version prior to 140.0.7339.207 is vulnerable to Side-channel information leakage in V8. Attack Vector: NETWORK Attack Complexity: HIGH `ID: JKNB4%2BUhrSudMFdr12kROVRMB2YKE1WQtkqTlyNOHgY%3D` Vulnerable Package
CVE-2025-8583	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Inappropriate implementation in Permissions in Google Chrome through 139.0.7258.65 allowed a remote attacker to perform UI spoofing via a crafted H... Attack Vector: NETWORK Attack Complexity: LOW `ID: nsD6jNrhSOZHzXKPBCJlpkZ27YG9sA1MlDqhrHCrAgM%3D` Vulnerable Package
CVE-2025-8881	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in sp... Attack Vector: NETWORK Attack Complexity: LOW `ID: 2s7RfwnLClm3TLvV4QEMwYyi2hIcQPAMSSnlGsfZqac%3D` Vulnerable Package
CVE-2025-9865	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Inappropriate implementation in the Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to en... Attack Vector: NETWORK Attack Complexity: LOW `ID: 6f8WUBM5FlTbnK6p4bqnfXNWX0tPkk5WgSeDQE0yOw4%3D` Vulnerable Package
CVE-2025-9867	Npm-electron-36.8.1	details Recommended version: 36.9.3 Description: Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a... Attack Vector: NETWORK Attack Complexity: LOW `ID: hI9zF56Aw3PXGmw%2BBUIvWZggFwH9vZVMQ5qoejIOlXE%3D` Vulnerable Package

codecov · 2025-10-03T16:44:40Z

Codecov Report

❌ Patch coverage is 25.00000% with 15 lines in your changes missing coverage. Please review.
✅ Project coverage is 38.76%. Comparing base (f7a3ad8) to head (e323cb6).
⚠️ Report is 10 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
libs/components/src/skeleton/skeleton.stories.ts	0.00%	12 Missing ⚠️
.../src/platform/popup/layout/popup-layout.stories.ts	0.00%	2 Missing ⚠️
libs/components/src/skeleton/skeleton.component.ts	75.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #16728      +/-   ##
==========================================
- Coverage   38.81%   38.76%   -0.05%     
==========================================
  Files        3406     3411       +5     
  Lines       96640    96767     +127     
  Branches    14510    14524      +14     
==========================================
+ Hits        37509    37515       +6     
- Misses      57493    57610     +117     
- Partials     1638     1642       +4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

skeleton POC

e323cb6

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

skeleton POC #16728

skeleton POC #16728

vleague2 commented Oct 3, 2025

Uh oh!

sonarqubecloud bot commented Oct 3, 2025

Uh oh!

github-actions bot commented Oct 3, 2025

Uh oh!

codecov bot commented Oct 3, 2025

Uh oh!

Uh oh!

skeleton POC #16728

Are you sure you want to change the base?

skeleton POC #16728

Conversation

vleague2 commented Oct 3, 2025

🎟️ Tracking

📔 Objective

📸 Screenshots

⏰ Reminders before review

🦮 Reviewer guidelines

Uh oh!

sonarqubecloud bot commented Oct 3, 2025

Quality Gate passed

Uh oh!

github-actions bot commented Oct 3, 2025

Uh oh!

codecov bot commented Oct 3, 2025

Codecov Report

Uh oh!

Uh oh!