Closed xSAVIKx closed 7 months ago
Checkmarx One – Scan Summary & Details – d757206b-8f65-4075-98fc-331b491b5194
Severity | Issue | Source File / Package | Checkmarx Insight |
---|---|---|---|
CVE-2019-10782 | Maven-com.puppycrawl.tools:checkstyle-8.24 | Vulnerable Package | |
Unpinned Actions Full Length Commit SHA | /ci.yaml: 34 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
Severity | Issue | Source File / Package |
---|---|---|
CVE-2014-0114 | Maven-commons-beanutils:commons-beanutils-1.9.3 | |
CVE-2019-10086 | Maven-commons-beanutils:commons-beanutils-1.9.3 | |
CVE-2018-10237 | Maven-com.google.guava:guava-22.0 | |
CVE-2019-9658 | Maven-com.puppycrawl.tools:checkstyle-8.1 |
In this PR I have created a simple CI workflow that we can use instead of existing Travis CI.
As part of this PR I have also fixed deprecated Gradle features and upgraded Gradle to latest v7