kics is failing in github action pipeline

[amrityam]

Pipeline logs url: https://github.com/abnamro/repository-scanner/actions/runs/4449197263/jobs/7813032416

Here goes the logs

Results Summary: HIGH: 0 MEDIUM: 0 LOW: 0 INFO: 0 TOTAL: 0

Results saved to file results.json Scan duration: 19.896613589s A new version 'v1.6.12' of KICS is available, please consider updating fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/main/x86_64/APKINDEX.tar.gz fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/community/x86_64/APKINDEX.tar.gz (1/7) Installing c-ares (1.18.1-r1) (2/7) Installing libgcc (12.2.1_git20220924-r4) (3/7) Installing icu-data-en (72.1-r1) Executing icu-data-en-72.1-r1.post-install *

• If you need ICU with non-English locales and legacy charset support, install
• package icu-data-full.

• (4/7) Installing libstdc++ (12.2.1_git20220924-r4) (5/7) Installing icu-libs (72.1-r1) (6/7) Installing nodejs (18.14.2-r0) (7/7) Installing npm (9.1.2-r0) Executing busybox-1.35.0-r29.trigger OK: 76 MiB in 32 packages npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

added 32 packages, and audited 33 packages in 1s

3 vulnerabilities (1 moderate, 2 high)

To address all issues, run: npm audit fix

Run npm audit for details.

kics-github-action@1.0.0 build ncc build src/main.js

ncc: Version 0.31.1 ncc: Compiling file index.js into CJS Error: error:0308010C:digital envelope routines::unsupported at new Hash (node:internal/crypto/hash:71:19) at Object.createHash (node:crypto:133:10) at hashOf (/app/node_modules/@vercel/ncc/dist/ncc/index.js.cache.js:37:1855992) at ncc (/app/node_modules/@vercel/ncc/dist/ncc/index.js.cache.js:37:1860457) at runCmd (/app/node_modules/@vercel/ncc/dist/ncc/cli.js.cache.js:1:55128) at 819 (/app/node_modules/@vercel/ncc/dist/ncc/cli.js.cache.js:1:51698) at __webpack_require__ (/app/node_modules/@vercel/ncc/dist/ncc/cli.js.cache.js:1:59048) at /app/node_modules/@vercel/ncc/dist/ncc/cli.js.cache.js:1:59260 at /app/node_modules/@vercel/ncc/dist/ncc/cli.js.cache.js:1:59321 at Object. (/app/node_modules/@vercel/ncc/dist/ncc/cli.js:8:28) { opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ], library: 'digital envelope routines', reason: 'unsupported', code: 'ERR_OSSL_EVP_UNSUPPORTED' } node:internal/modules/cjs/loader:1078 throw err; ^

Error: Cannot find module '/app/dist/index.js' at Module._resolveFilename (node:internal/modules/cjs/loader:1075:15) at Module._load (node:internal/modules/cjs/loader:920:27) at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12) at node:internal/main/run_main_module:23:47 { code: 'MODULE_NOT_FOUND', requireStack: [] }

Node.js v18.14.2

[gabriel-cx]

Hi @amrityam,

Thanks for your feedback. This issue was solved by #83, and this fix is available on the latest version of the KICS GitHub action, version v1.6.3.

Kindly use this latest version on your workflows, it will solve this problem.

If this information solves/clarifies your issues/doubts, please close this issue. If not, feel free to leave us a message.

[amrityam]

Hi gabriel-cx, Closing this issue as issue has been resolved after using latest KICS version 1.6.3 in pipeline.