Security Scanning #81
jeremisecurity.yml
on: schedule
Secret Detection (Gitleaks)
17s
Dependency Scan
52s
Static Analysis (Semgrep)
2m 22s
API Auth Audit
5s
Container Scan (Trivy)
9m 3s
Annotations
7 warnings
|
Secret Detection (Gitleaks)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Dependency Scan
pip-audit found vulnerabilities (see output above)
|
|
Dependency Scan
Fiona/GDAL excluded (require native GDAL/libgdal-dev build dependencies)
|
|
|
|
Dependency Scan
Skipping VCS/URL dependencies (cannot be audited):
|
|
Static Analysis (Semgrep)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Container Scan (Trivy)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|