Skip to content
KICS

KICS #394

Sign in to view logs

KICS

KICS #394

Triggered via schedule September 17, 2024 00:18
@scherersebastianscherersebastian
553bc55
main
Status Failure
Total duration 1m 45s
Artifacts

kics.yml

on: schedule
Analyze
1m 36s
Analyze
Fit to window
Zoom out
Zoom in

Annotations

1 error and 12 warnings
Analyze
KICS scan failed with exit code 50
Analyze
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Analyze
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
[HIGH] Global Security Field Is Undefined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L22
Global security field should be defined to prevent API to have insecure paths and have this rules defined on securitySchemes
[HIGH] Missing User Instruction: build/backend/Dockerfile#L33
A user should be specified in the dockerfile, otherwise the image will run as root
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1456
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L585
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L766
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L782
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L827
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L253
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L882
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1141
All paths should have security scheme, if it is omitted, global security field should be defined