Thyme
Public

This is a SQL tool that allows for the automation of SQL by selecting fields in tables. The tool figures out how to build the joins. The tool will also format the SQL so its readable as well as build a legend of all the tables in a query. The tool can also test queries.

Security

Vulnerabilities
1 High
2 Medium
3 Low
high

CVE-2021-23337

Prototype pollution vulnerability in lodash before 4.17.21 allows attackers to modify object properties via the set, setWith, and update functions.

lodash 4.17.154.17.21
medium

CVE-2022-24999

The express package before 4.17.3 for Node.js has a Regular Expression Denial of Service vulnerability via the req.fresh property.

express 4.17.14.17.3
Security Policies
Security policy
Enabled
Dependabot alerts
Enabled
Code scanning
Disabled
Secret scanning
Enabled
Security Score
78Grade B

Dependency Analysis

lodash4.17.15
1 issues
65/100
express4.17.1
1 issues
72/100
Security Recommendations

Based on the repository's security profile, here are some recommendations:

  • Update lodash to version 4.17.21 to fix a high severity vulnerability
  • Update express to version 4.17.3 to fix a medium severity vulnerability
  • Enable code scanning to detect security vulnerabilities in your code