bitwarden-bot
commented
7 months ago 
Checkmarx One – Scan Summary & Details – 44f6b5d4-ee39-4c0e-8b2d-da04191da9c7
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
 |
Missing User Instruction | /Dockerfile: 176 |
|
Passwords And Secrets - Generic Password | /Dockerfile: 203 |
|
Passwords And Secrets - Generic Password | /docker-compose.yml: 23 |
|
Passwords And Secrets - Generic Password | /docker-compose.yml: 35 |
|
Passwords And Secrets - Generic Password | /docker-compose.yml: 46 |
 |
Apt Get Install Pin Version Not Defined | /Dockerfile: 212 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 8 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 212 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 212 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 212 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 212 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 8 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 212 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 54 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 8 |
|
Apt Get Install Pin Version Not Defined | /Dockerfile: 8 |
|
Container Traffic Not Bound To Host Interface | /docker-compose.yml: 12 |
|
Healthcheck Not Set | /docker-compose.yml: 5 |
|
Healthcheck Not Set | /docker-compose.yml: 20 |
|
Host Namespace is Shared | /docker-compose.yml: 20 |
|
Host Namespace is Shared | /docker-compose.yml: 5 |
|
Memory Not Limited | /docker-compose.yml: 5 |
|
Memory Not Limited | /docker-compose.yml: 20 |
|
NPM Install Command Without Pinned Version | /Dockerfile: 58 |
|
Networks Not Set | /docker-compose.yml: 20 |
|
Networks Not Set | /docker-compose.yml: 5 |
|
Privileged Ports Mapped In Container | /docker-compose.yml: 12 |
|
Security Opt Not Set | /docker-compose.yml: 20 |
|
Security Opt Not Set | /docker-compose.yml: 5 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 114 |
|
Unpinned Actions Full Length Commit SHA | /build-unified.yml: 108 |
|
Unpinned Actions Full Length Commit SHA | /update-links.yml: 63 |
|
Unpinned Actions Full Length Commit SHA | /build-unified.yml: 194 |
|
Unpinned Actions Full Length Commit SHA | /build-unified.yml: 101 |
|
Unpinned Actions Full Length Commit SHA | /update-links.yml: 47 |
|
Unpinned Actions Full Length Commit SHA | /DCT-test.yml: 30 |
|
Unpinned Actions Full Length Commit SHA | /update-versions.yml: 49 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 46 |
|
Unpinned Actions Full Length Commit SHA | /update-links.yml: 55 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 218 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 257 |
|
Unpinned Actions Full Length Commit SHA | /update-versions.yml: 73 |
|
Unpinned Actions Full Length Commit SHA | /update-links.yml: 71 |
|
Unpinned Actions Full Length Commit SHA | /release-digital-ocean.yml: 29 |
|
Unpinned Actions Full Length Commit SHA | /update-versions.yml: 27 |
|
Unpinned Actions Full Length Commit SHA | /release-web-latest.yml: 35 |
|
Using Platform Flag with FROM Command | /Dockerfile: 37 |
|
Using Platform Flag with FROM Command | /Dockerfile: 5 |
 |
Container Capabilities Unrestricted | /docker-compose.yml: 5 |
|
Container Capabilities Unrestricted | /docker-compose.yml: 20 |
|
Cpus Not Limited | /docker-compose.yml: 20 |
|
Cpus Not Limited | /docker-compose.yml: 5 |
|
Healthcheck Instruction Missing | /Dockerfile: 176 |
|
Missing_CSP_Header | /docker-unified/hbs/app-id.hbs: 9 |
|
Multiple RUN, ADD, COPY, Instructions Listed | /Dockerfile: 249 |
|
Multiple RUN, ADD, COPY, Instructions Listed | /Dockerfile: 222 |
This PR contains the following updates:
v1.4.7->v1.6.0v1.5.1->v1.6.0v5.0.0->v5.1.0Release Notes
Azure/login (Azure/login)
### [`v1.6.0`](https://togithub.com/Azure/login/releases/tag/v1.6.0): Azure Login Action v1.6.0 [Compare Source](https://togithub.com/Azure/login/compare/v1.5.1...v1.6.0) - Added `pre:` and `post:` action for cleaning up ([#384](https://togithub.com/Azure/login/issues/384)) ### [`v1.5.1`](https://togithub.com/Azure/login/releases/tag/v1.5.1): Azure Login Action v1.5.1 [Compare Source](https://togithub.com/Azure/login/compare/v1.5.0...v1.5.1) - Fixed [#371](https://togithub.com/Azure/login/issues/371): Allow optional `subscriptionId` in `creds` ([#373](https://togithub.com/Azure/login/issues/373)) - Cleaned accounts before login ([#376](https://togithub.com/Azure/login/issues/376), [#377](https://togithub.com/Azure/login/issues/377)) - Updated actions-secret-parser from 1.0.2 to 1.0.4 ([#378](https://togithub.com/Azure/login/issues/378)) ### [`v1.5.0`](https://togithub.com/Azure/login/releases/tag/v1.5.0): Azure Login Action v1.5.0 [Compare Source](https://togithub.com/Azure/login/compare/v1.4.7...v1.5.0) - Updated the versions of dependencies. - Supported passwords to start with hyphen(-). - Enabled OIDC for sovereign clouds. - Supported Managed Identity Login.docker/build-push-action (docker/build-push-action)
### [`v5.1.0`](https://togithub.com/docker/build-push-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/docker/build-push-action/compare/v5.0.0...v5.1.0) - Add `annotations` input by [@crazy-max](https://togithub.com/crazy-max) in [https://github.com/docker/build-push-action/pull/992](https://togithub.com/docker/build-push-action/pull/992) - Add `secret-envs` input by [@elias-lundgren](https://togithub.com/elias-lundgren) in [https://github.com/docker/build-push-action/pull/980](https://togithub.com/docker/build-push-action/pull/980) - Bump [@babel/traverse](https://togithub.com/babel/traverse) from 7.17.3 to 7.23.2 in [https://github.com/docker/build-push-action/pull/991](https://togithub.com/docker/build-push-action/pull/991) - Bump [@docker/actions-toolkit](https://togithub.com/docker/actions-toolkit) from 0.13.0-rc.1 to 0.14.0 in [https://github.com/docker/build-push-action/pull/990](https://togithub.com/docker/build-push-action/pull/990) [https://github.com/docker/build-push-action/pull/1006](https://togithub.com/docker/build-push-action/pull/1006) **Full Changelog**: https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0Configuration
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.