Update Nissuer to alert for vulnerability reports #78417

jackwilson323 · 2025-04-22T15:24:56Z

What?

We use Nissuer to assist in triaging new GitHub Issues. This PR updates our Nissuer config to send alerts to a webhook endpoint if Nissuer detects a possible security report/responsible disclosure via a public GitHub Issue.

Why?

So we can be alerted in a timely manner to possible public disclosures of unresolved security issues in Next.js

How?

Nissuer performs keyword detection and sends an alert to a webhook if any keywords are detected in a newly-raised GitHub Issue.

Note: we must also set the appropriate NISSUER_WEBHOOK_URL and NISSUER_WEBHOOK_SECRET environmental variables on the repository for this to be effective.

ijjk · 2025-04-29T17:27:17Z

Failing test suites

Commit: fb92928

pnpm test-dev-turbo test/e2e/app-dir/actions/app-action.test.ts (turbopack)

app-dir action handling > should forward action request to a worker that contains the action handler (node)
app-dir action handling > should forward action request to a worker that contains the action handler (edge)

Expand output

● app-dir action handling › should forward action request to a worker that contains the action handler (node)

page.waitForSelector: Timeout 10000ms exceeded.
Call log:
  - waiting for locator('#other-page')

  454 |   waitForElementByCss(selector: string, timeout = 10_000) {
  455 |     return this.startChain(async () => {
> 456 |       const el = await page.waitForSelector(selector, {
      |                             ^
  457 |         timeout,
  458 |         state: 'attached',
  459 |       })

  at waitForSelector (lib/browsers/playwright.ts:456:29)
  at e2e/app-dir/actions/app-action.test.ts:892:7
  at Proxy._chain (lib/browsers/playwright.ts:568:23)
  at Proxy._chain (lib/browsers/playwright.ts:549:17)
  at Proxy.startChain (lib/browsers/playwright.ts:455:17)
  at waitForElementByCss (e2e/app-dir/actions/app-action.test.ts:895:10)

● app-dir action handling › should forward action request to a worker that contains the action handler (edge)

page.waitForSelector: Timeout 10000ms exceeded.
Call log:
  - waiting for locator('#other-page')

  454 |   waitForElementByCss(selector: string, timeout = 10_000) {
  455 |     return this.startChain(async () => {
> 456 |       const el = await page.waitForSelector(selector, {
      |                             ^
  457 |         timeout,
  458 |         state: 'attached',
  459 |       })

  at waitForSelector (lib/browsers/playwright.ts:456:29)
  at e2e/app-dir/actions/app-action.test.ts:892:7
  at Proxy._chain (lib/browsers/playwright.ts:568:23)
  at Proxy._chain (lib/browsers/playwright.ts:549:17)
  at Proxy.startChain (lib/browsers/playwright.ts:455:17)
  at waitForElementByCss (e2e/app-dir/actions/app-action.test.ts:895:10)

Read more about building and testing Next.js in contributing.md.

add webhook URL and secret vars to workflow config

b5613e3

jackwilson323 requested review from balazsorban44 and ijjk April 22, 2025 15:24

jackwilson323 self-assigned this Apr 22, 2025

ijjk approved these changes Apr 29, 2025

View reviewed changes

Merge branch 'canary' into jackwilson323/add-nissuer-notifier

fb92928

ijjk merged commit f3f8416 into canary Apr 29, 2025
79 of 122 checks passed

ijjk deleted the jackwilson323/add-nissuer-notifier branch April 29, 2025 17:33

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update Nissuer to alert for vulnerability reports #78417

Update Nissuer to alert for vulnerability reports #78417

jackwilson323 commented Apr 22, 2025

ijjk commented Apr 29, 2025

Update Nissuer to alert for vulnerability reports #78417

Update Nissuer to alert for vulnerability reports #78417

Conversation

jackwilson323 commented Apr 22, 2025

What?

Why?

How?

ijjk commented Apr 29, 2025

Failing test suites