Skip to content

KICS

KICS #426

Triggered via schedule October 19, 2024 00:22
Status Failure
Total duration 1m 46s
Artifacts

kics.yml

on: schedule
Fit to window
Zoom out
Zoom in

Annotations

1 error and 12 warnings
Analyze
KICS scan failed with exit code 50
Analyze
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Analyze
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
[HIGH] Global Security Field Is Undefined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L22
Global security field should be defined to prevent API to have insecure paths and have this rules defined on securitySchemes
[HIGH] Missing User Instruction: build/backend/Dockerfile#L33
A user should be specified in the dockerfile, otherwise the image will run as root
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1227
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1052
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1370
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L596
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L186
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L109
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L537
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L611
All paths should have security scheme, if it is omitted, global security field should be defined