[release-v0.12] CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients #2221
adambkaplanAnnotations
4 errors and 4 warnings
|
Verify:
go/src/github.com/shipwright-io/build/pkg/image/options.go#L59
G402: TLS InsecureSkipVerify set true. (gosec)
|
|
Verify:
go/src/github.com/shipwright-io/build/test/utils/webhook.go#L60
G402: TLS InsecureSkipVerify set true. (gosec)
|
|
Verify:
go/src/github.com/shipwright-io/build/test/utils/webhook.go#L90
G402: TLS InsecureSkipVerify set true. (gosec)
|
|
Verify
issues found
|
|
Verify
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/setup-go@v3, golangci/golangci-lint-action@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Verify:
go/src/github.com/shipwright-io/build/pkg/reconciler/buildrunttlcleanup/controller.go#L134
unused-parameter: parameter 'e' seems to be unused, consider removing or renaming it as _ (revive)
|
|
Verify:
go/src/github.com/shipwright-io/build/pkg/reconciler/build/controller.go#L87
unused-parameter: parameter 'e' seems to be unused, consider removing or renaming it as _ (revive)
|
|
Verify:
go/src/github.com/shipwright-io/build/pkg/reconciler/buildrun/controller.go#L76
unused-parameter: parameter 'e' seems to be unused, consider removing or renaming it as _ (revive)
|