chore(deps): lock file maintenance #2059
renovate[bot]scans.yml
on: pull_request
checkov
28s
clair
44s
devskim
25s
dustilock
17s
gitleaks
12s
grype
50s
grype-container
1m 20s
kics
36s
megalinter
2m 21s
msdo
31s
osv-scan-pr
/
osv-scan
22s
syft
53s
trivy-fs
33s
trivy-image
51s
trufflehog
8s
vorpal
12s
osv-scan-push
/
osv-scan
Annotations
6 warnings
|
gitleaks
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
msdo
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: microsoft/security-devops-action@08976cb623803b1b36d7112d4ff9f59eae704de0. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
[MEDIUM] Apt Get Install Pin Version Not Defined:
Dockerfile#L94
When installing a package, its pin version should be defined
|
|
[MEDIUM] Apt Get Install Pin Version Not Defined:
Dockerfile#L36
When installing a package, its pin version should be defined
|
|
[MEDIUM] Apt Get Install Pin Version Not Defined:
Dockerfile#L46
When installing a package, its pin version should be defined
|
|
[MEDIUM] Apt Get Install Pin Version Not Defined:
Dockerfile#L94
When installing a package, its pin version should be defined
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
OSV Scanner SARIF file
|
589 Bytes |
sha256:a17e92bc8177ac57f4d7b9b98108c6b1b9b3747e67732da33f9b25544c220a9d
|
|
|
gitleaks-results.sarif
|
6.64 KB |
sha256:8dff9b88aef814f0ef4d2637e6b202eaadcce965dedc054fb92c4538f9efd178
|
|
|
megalinter-reports
|
691 KB |
sha256:1a7391cbb36b81dfa800625ab98ed040202764da4adbc2f10e3d7f22a9b15166
|
|
|
new-json-results
|
241 Bytes |
sha256:7fcc181a2f92803143e339d6a169d35175e4807586fca55bc91e25e96604d99b
|
|
|
old-json-results
|
241 Bytes |
sha256:5d0c1d1fa9d37baae341ef77e3131b93a6bf9d03dc83c183fac5e470671abce7
|
|
|
python-example-app-syft.spdx.json
|
17.8 KB |
sha256:93953a31b4ee16003a1bc9aecdfd7198bdfb88072e5c720fd6dd0c15a6e4bb6e
|
|
|
yxtay~python-example-app~20EL9J.dockerbuild
|
24.4 KB |
sha256:a764a6dd560b5a14a77d75492f843ef0e2c70fd61e81c17a58ee35e10349c312
|
|
|
yxtay~python-example-app~RUJ87C.dockerbuild
|
23.5 KB |
sha256:0cf255e3fcfe5562c611257324b075469b7eb07363db47896d033366d9cc1ec4
|
|
|
yxtay~python-example-app~Y28I10.dockerbuild
|
23.8 KB |
sha256:9970d03327d8ae39985d4b2fa29f0fa83b57038067e8940f7bebef0c2000fd27
|
|