fix: add permission to create gh release #48
rwaffensecurity_scanning.yml
on: pull_request
setup-matrix
5s
Matrix: Scan CI container
Annotations
4 warnings
|
Scan CI container (7, 7.21.2-1+ubuntu24.04)
Failed minimum severity level. Found vulnerabilities with level 'medium' or higher
|
|
Sensitive data should not be used in the ARG or ENV commands:
openvoxdb/Containerfile#L31
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "OPENVOXDB_POSTGRES_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Scan CI container (8, 8.9.1-1+ubuntu24.04)
Failed minimum severity level. Found vulnerabilities with level 'medium' or higher
|
|
Sensitive data should not be used in the ARG or ENV commands:
openvoxdb/Containerfile#L31
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "OPENVOXDB_POSTGRES_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
OpenVoxProject~container-openvoxdb~YW2YP1.dockerbuild
Expired
|
42 KB |
sha256:223c4ccc269cdf7b9ec1a0c43447d749a8502f0cbc9a525ff2d8654db0159c6a
|
|
|
OpenVoxProject~container-openvoxdb~ZNZWLT.dockerbuild
Expired
|
42.2 KB |
sha256:1ea21d9717c9fd29855cdd52bc4a80bd152000d43a7f018a9cfe2b25d1e7e5cc
|
|