summary by Wbaker7702 · Pull Request #822 · androidx/androidx · GitHub

Wbaker7702

Security fixes and code improvements
PR Description

Summary

This PR addresses several security vulnerabilities and code quality improvements identified during code scanning:

Security Fixes

  • SSRF Protection: Implemented proper URL validation in development/fetchLicenses/license.ts
    • Added isValidProtocol() function to validate only https/http protocols
    • Added isAllowedHost() function to restrict requests to allowed hostnames
    • Applied validation in both main request handler and internal license request function

Code Quality Improvements

  • Binary Artifacts Cleanup: Removed unnecessary APK files and binary artifacts from repository
  • Updated .gitignore: Added patterns to prevent future binary artifact commits
  • Dependency Updates: Updated cross-spawn dependency to latest version
  • CI/CD Improvements: Updated CodeQL workflow for Swift manual builds

Files Changed

  • .github/workflows/codeql.yml - Updated CodeQL configuration
  • .github/workflows/scorecards.yml - Removed branch restrictions
  • .gitignore - Added binary artifact patterns
  • development/fetchLicenses/license.ts - Implemented SSRF protection
  • kotlin-js-store/yarn.lock - Updated dependencies
  • Removed various APK and binary files from test resources

Testing

  • All security validations are properly implemented
  • No compilation errors introduced
  • Dependencies are correctly configured
  • CI workflows updated and functional

This PR resolves the security vulnerabilities identified in code scanning alerts while maintaining code quality and functionality.

Wbaker7702 and others added 21 commits October 14, 2025 20:10
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
…gery (#3)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…g sanitization (#4)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…updates (#2)

Bumps the npm_and_yarn group with 2 updates in the /development/plot-benchmarks directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [esbuild](https://github.com/evanw/esbuild).
Bumps the npm_and_yarn group with 3 updates in the /development/fetchLicenses directory: [brace-expansion](https://github.com/juliangruber/brace-expansion), [path-to-regexp](https://github.com/pillarjs/path-to-regexp) and [tar-fs](https://github.com/mafintosh/tar-fs).
Bumps the npm_and_yarn group with 4 updates in the /development/benchmarks-chrome-extension directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [braces](https://github.com/micromatch/braces).


Updates `vite` from 5.4.11 to 5.4.20
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.20/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.20/packages/vite)

Updates `esbuild` from 0.21.5 to 0.25.10
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.21.5...v0.25.10)

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `path-to-regexp` from 0.1.10 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.10...v0.1.12)

Updates `tar-fs` from 3.0.6 to 3.1.1
- [Commits](mafintosh/tar-fs@v3.0.6...v3.1.1)

Updates `svelte` from 4.2.8 to 4.2.20
- [Release notes](https://github.com/sveltejs/svelte/releases)
- [Changelog](https://github.com/sveltejs/svelte/blob/svelte@4.2.20/packages/svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/svelte/commits/svelte@4.2.20/packages/svelte)

Updates `vite` from 5.0.10 to 5.4.20
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.20/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.20/packages/vite)

Updates `esbuild` from 0.19.11 to 0.21.5
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.21.5...v0.25.10)

Updates `rollup` from 4.9.2 to 4.52.4
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.9.2...v4.52.4)

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 5.4.20
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.25.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-version: 0.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar-fs
  dependency-version: 3.1.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: svelte
  dependency-version: 4.2.20
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 5.4.20
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.21.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.52.4
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…in permissions (#5)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Prevent creating multiple glTF entities.

Bug: 445721657
Test: scenecore testapp Gltf Model Test Case
Change-Id: Ia15fcdaa73a0b6a5eea79ad7e4ac62221492fd9e

* [GH] docs: fix typo in OffsetMapping documentation (cusrsor → cursor)

• Fix typo in OffsetMapping documentation
• Change “cusrsor” → “cursor” in transformedToOriginal KDoc

Test: Describe how you tested your changes. Note that this line (with `Test:`) is required, your PR will not build without it!

Fixes: [Optional] The bug on [https://issuetracker.google.com](https://issuetracker.google.com) being fixed

This is an imported pull request from androidx#815.

Resolves androidx#815
Github-Pr-Head-Sha: 6f760d3
GitOrigin-RevId: 406bc7f

Change-Id: I38b133aa4ba8600bf7fd1d27a0217c3a5f164f78

* Restore entity visibility on non-resize events

If `mAutoHideContent` is enabled, an entity's content is hidden (alpha set to 0) at the start of a resize operation. Previously, if a non-resize event (like a move) occurred before the resize completed, the content would remain hidden.

This change ensures that if a non-resize `ReformEvent` is received while the content is hidden for resizing, the entity's alpha is restored to its original value.

Bug: b/444448478

Test: Added unit test, tested manually with integrated scenecore test
app.

Change-Id: I4a0d6667699cfb3441f051684e8ec2a8a7cc398f

* Add compiler generated versions of Kotlin functions with optional parameters

When a Kotlin function has parameters with default values, the compiler generates a version which ends up used when the source function is called without all parameters from Kotlin source.

Previously, metalava was not tracking the compiler generated default version, but it should be since it would be binary breaking if the signature were to change. For more details of the issue see this document: https://docs.google.com/document/d/1E1gYBNsgEUyduiEQ7yMd0o1DQ224vCNVtwqxPfBts_I/edit

Bug: 432049122
Test: ./gradlew checkApi
Relnote: N/A
Change-Id: I661eac2a35b3b0de0cb6d13d1f05e068e4b1deb7
Merged-In: I661eac2a35b3b0de0cb6d13d1f05e068e4b1deb7

* Add compiler generated versions of Kotlin constructors with optional parameters

When a Kotlin constructor has parameters with default values, the compiler generates a version which ends up used when the source constructor is called without all parameters from Kotlin source.

Previously, metalava was not tracking the compiler generated default version, but it should be since it would be binary breaking if the signature were to change. For more details of the issue see this document: https://docs.google.com/document/d/1E1gYBNsgEUyduiEQ7yMd0o1DQ224vCNVtwqxPfBts_I/edit

Bug: 432049122
Test: ./gradlew checkApi
Relnote: N/A
Change-Id: If4b866b0bf876e7379108df3d75a167269c0cf30
Merged-In: If4b866b0bf876e7379108df3d75a167269c0cf30

* Adaptive Nav3: Pin dep on `navigation3-ui`

Change-Id: Id89ef1da02c750ca4510998a1afda8b587c2bb33

* Force ProjectedManager to always enable vps until we have a better config story

Session.create does not have the config yet so bindPerceptionService call to service.start(enableVps, "" /* api key */) does not make sense.

  when (val result = Session.create(this)) {
     when (val configResult = session.configure(config)) {

Test: Run arcore test app manually
Bug: b/450985420
Change-Id: Ib33049310dd3d3bf33b6f1830e4b90a35ad88f73

---------

Co-authored-by: babelsw <babelsw@google.com>
Co-authored-by: wondroid-world <wondroid.world@gmail.com>
Co-authored-by: Kinjal Bhavsar <bhavsar@google.com>
Co-authored-by: Julia McClellan <juliamcclellan@google.com>
Co-authored-by: Kevin Most <kmost@google.com>
Co-authored-by: Scott Wardle <scottwardle@google.com>
Co-authored-by: Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>
Co-authored-by: Aurimas Liutikas <aurimas@google.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Bumps the npm_and_yarn group with 1 update in the /development/benchmarks-chrome-extension directory: [esbuild](https://github.com/evanw/esbuild).


Updates `esbuild` from 0.21.5 to 0.25.10
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.21.5...v0.25.10)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-version: 0.25.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…n permissions (#8)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…n permissions (#9)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
- Fix micromatch vulnerability (CVE-2024-4067) in development/benchmarks-chrome-extension/package-lock.json
  - Upgrade from 4.0.5 to 4.0.8 to resolve Regular Expression Denial of Service (ReDoS) vulnerability
  - CVSS Score: 5.3 (MODERATE severity)

- Fix brace-expansion vulnerability (CVE-2025-5889) in kotlin-js-store yarn.lock files
  - Upgrade from 1.1.11 to 1.1.12 and 2.0.1 to 2.0.2 to resolve ReDoS vulnerability
  - CVSS Score: 3.1 (LOW severity)

These fixes address the high-severity security vulnerabilities identified by osv-scanner.
All vulnerable packages have been updated to their latest secure versions.

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
This commit updates the CodeQL workflow to support manual builds for Swift projects. It includes steps to set up Java, install XcodeGen, and generate/build Xcode projects for analysis.

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
…gery (#16)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This commit updates the cross-spawn dependency in the yarn.lock file to version 7.0.6.

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
@Wbaker7702 Wbaker7702 requested review from alanv and dlam as code owners October 15, 2025 01:45
google-cla bot commented Oct 15, 2025

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Wbaker7702 and others added 6 commits October 14, 2025 21:46
Wbaker7702 and others added 12 commits October 19, 2025 15:22
…gery

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Potential fix for code scanning alert no. 14: Server-side request forgery
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
This workflow defines a GitHub Action for running a Nexploit security scan, including input parameters and examples for starting new scans or restarting existing ones.
3 participants: @Wbaker7702 @step-security-bot @cursoragent