jenkinsci / checkmarx-ast-scanner-plugin

Jenkins Plugin for AST
https://plugins.jenkins.io/checkmarx-ast-scanner/
MIT License

Update Wrapper Version #293

Closed tamarleviCm closed 3 months ago

tamarleviCm commented 3 months ago

update wrapper version

github-actions[bot] commented 3 months ago

Checkmarx One – Scan Summary & Details 5ada8c04-c486-4e9a-a585-85c97083e786

Policy Management Violations

Policy Name Rule(s) Break Build
[SAST-ML0] Not allowed NEW Sast vulnerabilities true

New Issues

| Severity | Issue | Source File / Package | Checkmarx Insight |
| --- | --- | --- | --- |
| MEDIUM | Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: [34](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java#L34) | Attack Vector |
| MEDIUM | Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: [34](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java#L34) | Attack Vector |
| MEDIUM | Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: [34](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java#L34) | Attack Vector |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /ast-scan.yml: [12](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/ast-scan.yml#L12) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /dependabot-auto-merge.yml: [23](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/dependabot-auto-merge.yml#L23) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: [53](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/cd.yml#L53) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |

Fixed Issues

| Severity | Issue | Source File / Package |
| --- | --- | --- |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /ci.yml: [40](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/ci.yml#L40) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /manual-tag.yml: [23](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/manual-tag.yml#L23) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /release.yml: [42](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/release.yml#L42) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /release.yml: [53](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/release.yml#L53) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: [24](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/cd.yml#L24) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: [17](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/cd.yml#L17) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: [55](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/cd.yml#L55) |
| MEDIUM | Unpinned Actions Full Length Commit SHA | /cd.yml: [34](https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/update-wrapper-to-2.0.14//.github/workflows/cd.yml#L34) |