search

miracum / fhir-gateway

A thin layer between FHIR REST clients and resource processing pipelines.
Apache License 2.0
12 stars 7 forks source link

chore(deps): update docker.io/library/gradle:8.7.0-jdk21 docker digest to afba668 - autoclosed #155

Closed renovate[bot] closed 2 months ago

renovate[bot] commented 2 months ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
docker.io/library/gradle stage digest 01ec604 -> afba668

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

github-actions[bot] commented 2 months ago

Trivy image scan report

ghcr.io/miracum/fhir-gateway:pr-155 (debian 12.5)

21 known vulnerabilities found (MEDIUM: 5 LOW: 13 CRITICAL: 1 HIGH: 2)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
libc6 CVE-2024-33599 HIGH 2.36-9+deb12u6 2.36-9+deb12u7
libc6 CVE-2024-33600 MEDIUM 2.36-9+deb12u6 2.36-9+deb12u7
libc6 CVE-2024-33601 MEDIUM 2.36-9+deb12u6 2.36-9+deb12u7
libc6 CVE-2024-33602 MEDIUM 2.36-9+deb12u6 2.36-9+deb12u7
libc6 CVE-2010-4756 LOW 2.36-9+deb12u6
libc6 CVE-2018-20796 LOW 2.36-9+deb12u6
libc6 CVE-2019-1010022 LOW 2.36-9+deb12u6
libc6 CVE-2019-1010023 LOW 2.36-9+deb12u6
libc6 CVE-2019-1010024 LOW 2.36-9+deb12u6
libc6 CVE-2019-1010025 LOW 2.36-9+deb12u6
libc6 CVE-2019-9192 LOW 2.36-9+deb12u6
libexpat1 CVE-2023-52425 HIGH 2.5.0-1
libexpat1 CVE-2023-52426 LOW 2.5.0-1
libexpat1 CVE-2024-28757 LOW 2.5.0-1
libgcc-s1 CVE-2023-4039 MEDIUM 12.2.0-14
libgcc-s1 CVE-2022-27943 LOW 12.2.0-14
libpng16-16 CVE-2021-4214 LOW 1.6.39-2
libstdc++6 CVE-2023-4039 MEDIUM 12.2.0-14
libstdc++6 CVE-2022-27943 LOW 12.2.0-14
libuuid1 CVE-2022-0563 LOW 2.38.1-5+deb12u1
zlib1g CVE-2023-45853 CRITICAL 1:1.2.13.dfsg-1

No Misconfigurations found

github-actions[bot] commented 2 months ago

🦙 MegaLinter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 4 0 0.04s
✅ DOCKERFILE hadolint 2 0 0.1s
✅ EDITORCONFIG editorconfig-checker 66 0 0.28s
✅ GROOVY npm-groovy-lint 2 0 8.53s
✅ JAVA checkstyle 18 0 4.7s
✅ JSON jsonlint 5 0 0.22s
✅ JSON prettier 5 0 1.97s
✅ JSON v8r 5 0 3.77s
✅ MARKDOWN markdownlint 2 0 0.65s
✅ PYTHON bandit 1 0 1.03s
✅ PYTHON black 1 0 0.63s
✅ PYTHON flake8 1 0 0.4s
✅ PYTHON isort 1 0 0.45s
✅ PYTHON mypy 1 0 8.15s
✅ PYTHON ruff 1 0 0.05s
✅ REPOSITORY checkov yes no 16.95s
✅ REPOSITORY gitleaks yes no 0.96s
✅ REPOSITORY git_diff yes no 0.02s
✅ REPOSITORY grype yes no 15.17s
✅ REPOSITORY kics yes no 5.07s
✅ REPOSITORY secretlint yes no 0.92s
✅ REPOSITORY syft yes no 2.81s
❌ REPOSITORY trivy yes 1 9.9s
✅ REPOSITORY trivy-sbom yes no 8.68s
✅ REPOSITORY trufflehog yes no 3.98s
✅ SQL sql-lint 1 0 0.44s
✅ XML xmllint 1 0 0.02s
✅ YAML prettier 17 0 1.1s
✅ YAML yamllint 17 0 0.58s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

_MegaLinter is graciously provided by OX Security_

github-actions[bot] commented 2 months ago

Code Coverage Report

Overall Project 28.96% :x:

There is no coverage information present for the Files changed