feat(AI-TRUST-ASI-BP-WP-046) v1.0.0 — Enterprise AI Trust, Security & ASI Containment Blueprint for G-SIFI / Fortune 500 (2026-2030)#81
Codeac Code Quality
This PR contains 3411 errors and 855 warnings.
Annotations
Check warning on line 11 in frontend/Dockerfile
codeac-io / Codeac Code Quality
DL3018
Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
Check warning on line 45 in frontend/Dockerfile
codeac-io / Codeac Code Quality
DL3018
Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
Check warning on line 15 in backend/Dockerfile
codeac-io / Codeac Code Quality
DL3018
Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
Check warning on line 37 in backend/Dockerfile
codeac-io / Codeac Code Quality
DL3018
Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
Check warning on line 227 in frontend/src/store/authStore.ts
codeac-io / Codeac Code Quality
CodeDuplication
This block of 19 lines is too similar to frontend/src/store/authStore.ts:163
Check warning on line 182 in frontend/src/store/authStore.ts
codeac-io / Codeac Code Quality
CodeDuplication
This block of 19 lines is too similar to frontend/src/store/authStore.ts:208
Check warning on line 20 in artifacts/validate_artifacts.py
codeac-io / Codeac Code Quality
B405
Using xml.etree.ElementTree to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
Check warning on line 146 in artifacts/validate_artifacts.py
codeac-io / Codeac Code Quality
B314
Using xml.etree.ElementTree.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree.parse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called
Check warning on line 6 in docs/schemas/check_generated_artifacts.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check warning on line 21 in docs/schemas/check_generated_artifacts.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 8 in docs/schemas/run_governance_checks.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check failure on line 83 in docs/schemas/run_governance_checks.py
codeac-io / Codeac Code Quality
B602
subprocess call with shell=True identified, security issue.
Check warning on line 1 in docs/schemas/test_check_dependencies.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check warning on line 13 in docs/schemas/test_check_dependencies.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 1 in docs/schemas/test_check_generated_artifacts.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check warning on line 30 in docs/schemas/test_check_generated_artifacts.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 2 in docs/schemas/test_generate_evidence_bundle.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check warning on line 17 in docs/schemas/test_generate_evidence_bundle.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 1 in docs/schemas/test_governance_artifacts_validation.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check warning on line 23 in docs/schemas/test_governance_artifacts_validation.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 42 in docs/schemas/test_governance_artifacts_validation.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 3 in docs/schemas/test_run_governance_checks.py
codeac-io / Codeac Code Quality
B404
Consider possible security implications associated with the subprocess module.
Check warning on line 12 in docs/schemas/test_run_governance_checks.py
codeac-io / Codeac Code Quality
B101
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Check warning on line 26 in docs/schemas/test_run_governance_checks.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.
Check warning on line 49 in docs/schemas/test_run_governance_checks.py
codeac-io / Codeac Code Quality
B603
subprocess call - check for execution of untrusted input.