Merge pull request #132 from FinTechTonic/spec #7
Josephrpsecurity-scan.yml
on: push
Secrets Detection
38s
Python Dependency Scan
1m 2s
Node.js Dependency Scan
16s
Python SAST (Bandit)
1m 1s
Python SAST (Semgrep)
1m 50s
Python Security Linting (Ruff)
46s
Frontend SAST (ESLint Security)
33s
DAST (OWASP ZAP)
Security Gate
2s
Annotations
2 errors and 2 warnings
|
Python SAST (Bandit)
Unable to upload "bandit-report.json" as it is not valid SARIF:
- instance is not allowed to have the additional property "errors"
- instance is not allowed to have the additional property "generated_at"
- instance is not allowed to have the additional property "metrics"
- instance is not allowed to have the additional property "results"
- instance requires property "version"
- instance requires property "runs"
|
|
Python Dependency Scan
Process completed with exit code 5.
|
|
Python Dependency Scan
No files were found with the provided path: safety-report.json. No artifacts will be uploaded.
|
|
Python SAST (Semgrep)
Unexpected input(s) 'generateSarif', 'generateGitHubSAST', valid inputs are ['entryPoint', 'args', 'config', 'publishToken']
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
bandit-report
Expired
|
11 KB |
sha256:a38dc68514269eccdfceea844390b6242def9f0153892a4dc5073d5dc139e4d5
|
|
|
eslint-security-report
Expired
|
426 KB |
sha256:2d5f75c8b860c0996502e385d7b5fff4be78620962927928a0859c1320026832
|
|
|
npm-audit-report
Expired
|
329 Bytes |
sha256:6b4d3da97b01ed5e507e480733ed2a57308859072c06545cc1c030d8f22e5ca2
|
|
|
pip-audit-report
Expired
|
3.63 KB |
sha256:c14aaaf9c42fbd955f46ee2150db2bcdc77e3fa01bb4123d61a067ad465e3363
|
|
|
ruff-security-report
Expired
|
166 Bytes |
sha256:68f52eb8027a0f92f6afd6d22ba9b374141cc82d5fd39e85f7b3757aa4c0d548
|
|
|
security-summary
Expired
|
302 Bytes |
sha256:fac5c7590ea08c1ad72390e1505b80a8d08b1bbe890b63dbcdbafbc97de57aae
|
|