Skip to content
Security Pipeline

deps(nodegoat): bump the npm-minor-patch group in /NodeGoat with 18 updates #9

Sign in to view logs

deps(nodegoat): bump the npm-minor-patch group in /NodeGoat with 18 updates

deps(nodegoat): bump the npm-minor-patch group in /NodeGoat with 18 updates #9

Triggered via pull request December 6, 2025 02:38
@dependabotdependabot[bot]
opened #8
dependabot/npm_and_yarn/NodeGoat/npm-minor-patch-a9b7a17f9d
Status Failure
Total duration 2m 7s
Artifacts 1

security-pipeline.yml

on: pull_request
Secret Detection
14s
Secret Detection
Dependency Vulnerability Scan
15s
Dependency Vulnerability Scan
Semgrep SAST
1m 56s
Semgrep SAST
IaC Security Scan
33s
IaC Security Scan
Container Security
0s
Container Security
Security Gate
3s
Security Gate
Fit to window
Zoom out
Zoom in

Annotations

13 errors and 2 warnings
Secret Detection
🛑 missing gitleaks license. Go grab one at gitleaks.io and store it as a GitHub Secret named GITLEAKS_LICENSE. For more info about the recent breaking update, see [here](https://github.com/gitleaks/gitleaks-action#-announcement).
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L116
CKV_AWS_23: "Ensure every security group and rule has a description"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_129: "Ensure that respective logs of Amazon Relational Database Service (Amazon RDS) are enabled"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_16: "Ensure all data stored in the RDS is securely encrypted at rest"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_161: "Ensure RDS database has IAM authentication enabled"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_293: "Ensure that AWS database instances have deletion protection enabled"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_118: "Ensure that enhanced monitoring is enabled for Amazon RDS instances"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_17: "Ensure all data stored in RDS is not publicly accessible"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_157: "Ensure that RDS instances have Multi-AZ enabled"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_133: "Ensure that RDS instances has backup policy"
IaC Security Scan: TerraGoat/terraform/aws/db-app.tf#L1
CKV_AWS_226: "Ensure DB instance gets all minor upgrades automatically"
Security Gate
Process completed with exit code 1.
Security Gate
Security gate failed - secrets detected in code
IaC Security Scan
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
Semgrep SAST
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/

Artifacts

Produced during runtime
Name Size Digest
npm-audit-results Expired
12.3 KB
sha256:541d59d9da0a062710294e32834f391a5fc5f5db4f33a0aa590f00a546b641c1