KICS · eclipse-tractusx/sldt-bpn-discovery@54e6562

Triggered via schedule May 16, 2024 00:07

LuLeRoemer

⁠ 54e6562

main

Status Success

Total duration 46s

Artifacts –

kics.yml

on: schedule

Analyze

39s

Annotations

12 warnings

Analyze

Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.

Analyze

CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/

[MEDIUM] Container Running With Low UID: charts/bpndiscovery/templates/deployment.yaml#L38

Check if containers are running with low UID, which might cause conflicts with the host's user table.

[MEDIUM] Global Server Object Uses HTTP: backend/src/main/resources/static/bpn-discovery-service-openapi.yaml#L33

Global server object URL should use 'https' protocol instead of 'http'

[MEDIUM] NET_RAW Capabilities Not Being Dropped: charts/bpndiscovery/templates/deployment.yaml#L38

Containers should drop 'ALL' or at least 'NET_RAW' capabilities

[MEDIUM] Pattern Undefined (v3): backend/src/main/resources/static/bpn-discovery-service-openapi.yaml#L219

String schema should have 'pattern' defined.

[MEDIUM] Pattern Undefined (v3): backend/src/main/resources/static/bpn-discovery-service-openapi.yaml#L217

String schema should have 'pattern' defined.

[MEDIUM] Pattern Undefined (v3): backend/src/main/resources/static/bpn-discovery-service-openapi.yaml#L221

String schema should have 'pattern' defined.