Merge pull request #105 from ClosedSourcerer/main #316
carslenAnnotations
1 error and 12 warnings
|
Analyze
KICS scan failed with exit code 50
|
|
Analyze
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Analyze
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
|
[HIGH] Global Security Field Is Undefined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L22
Global security field should be defined to prevent API to have insecure paths and have this rules defined on securitySchemes
|
|
[HIGH] Missing User Instruction:
build/backend/Dockerfile#L33
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L512
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1016
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1334
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1502
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L71
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L269
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L34
All paths should have security scheme, if it is omitted, global security field should be defined
|
|
[HIGH] No Global And Operation Security Defined (v3):
demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L491
All paths should have security scheme, if it is omitted, global security field should be defined
|