ah-ha-admin / refactored-memory

MIT License

Update aquasecurity/trivy-action digest to d9cd5b1 #449

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

| Package | Type | Update | Change |
| :-- | :-- | :-- | :-- |
| aquasecurity/trivy-action | action | digest | e5f4313 -> d9cd5b1 |

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.

vercel[bot] commented 1 year ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

| Name | Status | Preview | Comments | Updated (UTC) |
| :-- | :-- | :-- | :-- | :-- |
| refactored-memory | ❌ Failed (Inspect) | | | Jul 9, 2024 6:41pm |
| refactored-memory-pif7 | ❌ Failed (Inspect) | | | Jul 9, 2024 6:41pm |
squash-labs[bot] commented 1 year ago

Manage this branch in Squash

Test this branch here: https://renovateaquasecurity-trivy-act-u6vzo.squash.io
commit-lint[bot] commented 1 year ago

Contributors

renovate[bot]

Commit-Lint commands
You can trigger Commit-Lint actions by commenting on this PR:

- `@Commit-Lint merge patch` will merge dependabot PR on "patch" versions (X.X.Y - Y change)
- `@Commit-Lint merge minor` will merge dependabot PR on "minor" versions (X.Y.Y - Y change)
- `@Commit-Lint merge major` will merge dependabot PR on "major" versions (Y.Y.Y - Y change)
- `@Commit-Lint merge disable` will deactivate merge dependabot PR
- `@Commit-Lint review` will approve dependabot PR
- `@Commit-Lint stop review` will stop approve dependabot PR
guardrails[bot] commented 1 year ago

:warning: We detected 18 security issues in this pull request:

Mode: paranoid | Total findings: 18 | Considered vulnerability: 18

Hard-Coded Secrets (16)
| Severity | Details | Docs |
| :-: | :-- | :-: |
| Medium | Title: **Hex High Entropy String** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/##SomeNotes#L533 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString) |
| Medium | Title: **Hex High Entropy String** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/AndroidManifest.xml#L6 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString) |
| Medium | Title: **StackHawk API Key** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/stackhawk.yml#L1 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key) |
| Medium | Title: **StackHawk API Key** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/stackhawk.yml#L93 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key) |
| Medium | Title: **Github Key** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/checkmarx.yml#L41 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key) |
| Medium | Title: **Github Key** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/soos-dast-scan.yml#L37 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/Sexflixxxvip00/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/action.yml#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/action.yml#L490 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/action.yml#L509 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/stackhawk.yml#L82 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/static.yml#L9 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new) |
| Medium | Title: **Netlify API Key** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/jekyll-pages.yml#L44 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#netlify-api-key) |

More info on how to fix Hard-Coded Secrets in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr).

---
Insecure Use of Dangerous Function (2)
| Severity | Details | Docs |
| :-: | :-- | :-: |
| High | Title: **Non-static OS command execution** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/.github/workflows/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec) |
| High | Title: **Non-static OS command execution** https://github.com/ah-ha-admin/refactored-memory/blob/caf1107c7daacee2c1fae958266e63fbd820b611/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec) |

More info on how to fix Insecure Use of Dangerous Function in [Ruby](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.


github-advanced-security[bot] commented 2 months ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.