ah-ha-admin / refactored-memory

MIT License

Update MobSF/mobsfscan digest to 849b749 #457

Closed renovate[bot] closed 3 months ago

renovate[bot] commented 7 months ago

Mend Renovate

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| MobSF/mobsfscan | action | digest | acccb54 -> 849b749 |

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.

vercel[bot] commented 7 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

| Name | Status | Preview | Comments | Updated (UTC) |
| :-- | :-- | :-- | :-- | :-- |
| refactored-memory | ❌ Failed (Inspect) | | | May 27, 2024 10:45pm |
| refactored-memory-pif7 | ❌ Failed (Inspect) | | | May 27, 2024 10:45pm |

squash-labs[bot] commented 7 months ago

Manage this branch in Squash

Test this branch here: https://renovatemobsf-mobsfscan-digest-si2vl.squash.io

guardrails[bot] commented 7 months ago

:warning: We detected 18 security issues in this pull request:

Mode: paranoid | Total findings: 18 | Considered vulnerability: 18

Hard-Coded Secrets (16)

Severity | Details | Docs
:-: | :-- | :-:
Medium | Title: **Hex High Entropy String** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/##SomeNotes#L533 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString)
Medium | Title: **Hex High Entropy String** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/AndroidManifest.xml#L6 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString)
Medium | Title: **StackHawk API Key** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/stackhawk.yml#L1 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key)
Medium | Title: **StackHawk API Key** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/stackhawk.yml#L93 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key)
Medium | Title: **Github Key** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/checkmarx.yml#L41 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key)
Medium | Title: **Github Key** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/soos-dast-scan.yml#L37 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/Sexflixxxvip00/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/action.yml#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/action.yml#L490 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/action.yml#L509 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/stackhawk.yml#L82 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/static.yml#L9 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **Netlify API Key** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/jekyll-pages.yml#L44 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#netlify-api-key)

More info on how to fix Hard-Coded Secrets in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr).

---

Insecure Use of Dangerous Function (2)

Severity | Details | Docs
:-: | :-- | :-:
High | Title: **Non-static OS command execution** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/.github/workflows/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec)
High | Title: **Non-static OS command execution** https://github.com/ah-ha-admin/refactored-memory/blob/e4ebee9ffed54aa21ee381d69c9c5b5779004253/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec)

More info on how to fix Insecure Use of Dangerous Function in [Ruby](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.


stale[bot] commented 3 months ago

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

repo-ranger[bot] commented 3 months ago

⚠️ This has been marked to be closed in 7 days.

renovate[bot] commented 3 months ago

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for the MobSF/mobsfscan 849b749 update again.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.