Skip to content
KICS

KICS #407

Sign in to view logs

KICS

KICS #407

Triggered via schedule September 30, 2024 00:24
@scherersebastianscherersebastian
553bc55
main
Status Failure
Total duration 2m 1s
Artifacts

kics.yml

on: schedule
Analyze
1m 52s
Analyze
Fit to window
Zoom out
Zoom in

Annotations

1 error and 12 warnings
Analyze
KICS scan failed with exit code 50
Analyze
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Analyze
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
[HIGH] Global Security Field Is Undefined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L22
Global security field should be defined to prevent API to have insecure paths and have this rules defined on securitySchemes
[HIGH] Missing User Instruction: build/backend/Dockerfile#L33
A user should be specified in the dockerfile, otherwise the image will run as root
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L215
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L537
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L846
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1107
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L34
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L290
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L863
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1178
All paths should have security scheme, if it is omitted, global security field should be defined