Fix Sast Vulnerabilities(AST-64185) - Githubissues

jenkinsci / checkmarx-ast-scanner-plugin

Jenkins Plugin for AST

https://plugins.jenkins.io/checkmarx-ast-scanner/

MIT License

2 stars 9 forks source link

Fix Sast Vulnerabilities(AST-64185) #321

Closed miryamfoiferCX closed 1 month ago

miryamfoiferCX commented 1 month ago

Testing done

Submitter checklist

[ ] Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
[ ] Ensure that the pull request title represents the desired changelog entry
[ ] Please describe what you did
[ ] Link to relevant issues in GitHub or Jira
[ ] Link to relevant pull requests, esp. upstream and downstream changes
[ ] Ensure you have provided tests - that demonstrates feature works or fixes the issue

github-actions[bot] commented 1 month ago

Checkmarx One – Scan Summary & Details – e26d63f1-65c2-420d-bf07-a10d6a42db90

Policy Management Violations

Policy Name	Rule(s)	Break Build
[SAST-ML0] Not allowed NEW Sast vulnerabilities	true

Fixed Issues

Severity	Issue	Source File / Package
	Unpinned Actions Full Length Commit SHA	/ci.yml: 40
	Unpinned Actions Full Length Commit SHA	/manual-tag.yml: 23
	Unpinned Actions Full Length Commit SHA	/release.yml: 42
	Unpinned Actions Full Length Commit SHA	/release.yml: 53
	Unpinned Actions Full Length Commit SHA	/cd.yml: 24
	Unpinned Actions Full Length Commit SHA	/cd.yml: 17
	Unpinned Actions Full Length Commit SHA	/cd.yml: 55
	Unpinned Actions Full Length Commit SHA	/cd.yml: 34

miryamfoiferCX commented 1 month ago

creating a new PR