ah-ha-admin / refactored-memory

MIT License

Update codacy/codacy-analysis-cli-action digest to 0991600 #461

Closed renovate[bot] closed 4 days ago

renovate[bot] commented 5 months ago

This PR contains the following updates:

Package | Type | Update | Change
--- | --- | --- | ---
codacy/codacy-analysis-cli-action | action | digest | db33ad5 -> 0991600

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.

vercel[bot] commented 5 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name | Status | Preview | Comments | Updated (UTC)
--- | --- | --- | --- | ---
refactored-memory | ❌ Failed (Inspect) | | | Jul 11, 2024 3:09pm
refactored-memory-pif7 | ❌ Failed (Inspect) | | | Jul 11, 2024 3:09pm

squash-labs[bot] commented 5 months ago

Manage this branch in Squash

Test this branch here: https://renovatecodacy-codacy-analysis-pny7e.squash.io

guardrails[bot] commented 5 months ago

:warning: We detected 18 security issues in this pull request:

Mode: paranoid | Total findings: 18 | Considered vulnerability: 18

Hard-Coded Secrets (16)

Severity | Details | Docs
:-: | :-- | :-:
Medium | Title: **Hex High Entropy String** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/##SomeNotes#L533 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString)
Medium | Title: **Hex High Entropy String** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/AndroidManifest.xml#L6 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#HexHighEntropyString)
Medium | Title: **StackHawk API Key** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/stackhawk.yml#L1 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key)
Medium | Title: **StackHawk API Key** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/stackhawk.yml#L93 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#stackhawk-api-key)
Medium | Title: **Github Key** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/checkmarx.yml#L41 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key)
Medium | Title: **Github Key** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/soos-dast-scan.yml#L37 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-key)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/Sexflixxxvip00/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/action.yml#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/action.yml#L490 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/action.yml#L509 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/stackhawk.yml#L82 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/static.yml#L9 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **New GitHub Token Format** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/nuget.config#L10 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#github-token-new)
Medium | Title: **Netlify API Key** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/jekyll-pages.yml#L44 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr#netlify-api-key)

More info on how to fix Hard-Coded Secrets in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/hard-coded_secrets.html?utm_source=ghpr).

---

Insecure Use of Dangerous Function (2)

Severity | Details | Docs
:-: | :-- | :-:
High | Title: **Non-static OS command execution** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/.github/workflows/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec)
High | Title: **Non-static OS command execution** https://github.com/ah-ha-admin/refactored-memory/blob/29930dc9247b06427cf69ce3aa23f40bf519753c/setup.rb#L16 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr#dangerous-exec)

More info on how to fix Insecure Use of Dangerous Function in [Ruby](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/insecure_use_of_dangerous_function.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

stale[bot] commented 1 week ago

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

renovate[bot] commented 4 days ago

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for the codacy/codacy-analysis-cli-action 0991600 update again.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.