Skip to content

KICS

KICS #428

Triggered via schedule October 21, 2024 00:24
Status Failure
Total duration 1m 42s
Artifacts

kics.yml

on: schedule
Fit to window
Zoom out
Zoom in

Annotations

1 error and 12 warnings
Analyze
KICS scan failed with exit code 50
Analyze
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Analyze
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
[HIGH] Global Security Field Is Undefined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L22
Global security field should be defined to prevent API to have insecure paths and have this rules defined on securitySchemes
[HIGH] Missing User Instruction: build/backend/Dockerfile#L33
A user should be specified in the dockerfile, otherwise the image will run as root
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L440
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L384
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L52
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1162
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L1288
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L330
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L348
All paths should have security scheme, if it is omitted, global security field should be defined
[HIGH] No Global And Operation Security Defined (v3): demand-capacity-mgmt-specification/src/main/resources/openapi.yml#L34
All paths should have security scheme, if it is omitted, global security field should be defined