Skip to content
trivy & grype & sarif & docker scout vulnerability scan

Add research-vuln-scan workflow #15

Sign in to view logs

Add research-vuln-scan workflow

Add research-vuln-scan workflow #15

Triggered via pull request November 5, 2024 09:24
@robert-schardtrobert-schardt
synchronize #23
DEVOPS-1249_rschardt
Status Failure
Total duration 51s
Artifacts

research-vuln-scan.yml

on: pull_request
Trivy
22s
Trivy
Grype
35s
Grype
Docker Scout
44s
Docker Scout
Fit to window
Zoom out
Zoom in

Annotations

1 error and 3 warnings
Docker Scout
could not write comment, 'pull-requests: write' permission is required: POST https://api.github.com/repos/greenbone/opensight-postgres/issues/23/comments: 403 Resource not accessible by integration []
Grype
The following actions use a deprecated Node.js version and will be forced to run on node20: anchore/scan-action@d5aa5b6cb9414b0c7771438046ff5bcfa2854ed7. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Grype
Failed minimum severity level. Found vulnerabilities with level 'low' or higher
Grype
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/