
ACS-7776 Upgrade 3rd Party Components #851


Triggered via pull request May 8, 2024 13:23
Status Failure
Total duration 12m 23s
Artifacts 2

ci.yml

on: pull_request
Matrix: all_tests_matrix
Veracode - Source Clear Scan (SCA): 1m 38s
Core & Base Snapshot deployment: 0s
Pipeline SAST Scan: 12m 10s
Release: 0s

Annotations

1 error and 9 warnings
Pipeline SAST Scan
[08 May 2024 13:25:36,0439] PIPELINE-SCAN INFO: Pipeline Scan Tool Version 24.4.0-0.
[08 May 2024 13:25:36,0450] PIPELINE-SCAN INFO: Loading policy file Alfresco_Default.json
[08 May 2024 13:25:36,0452] PIPELINE-SCAN INFO: Successfully retrieved the policy
[08 May 2024 13:25:36,0452] PIPELINE-SCAN INFO: Policy name: Alfresco Default
[08 May 2024 13:25:36,0452] PIPELINE-SCAN INFO: CWE filter:
[08 May 2024 13:25:36,0452] PIPELINE-SCAN INFO: Severity filter: 3, 4, 5,
[08 May 2024 13:25:36,0453] PIPELINE-SCAN INFO: Beginning scanning of 'to-scan.zip'.
[08 May 2024 13:25:36,0453] PIPELINE-SCAN INFO: Sending 84228047 bytes to the server for analysis.
[08 May 2024 13:26:12,0586] PIPELINE-SCAN INFO: Upload complete.
[08 May 2024 13:26:12,0586] PIPELINE-SCAN INFO: Scan ID: dc7d0e3d-d112-4fb6-80f4-9bd5980dc307
[08 May 2024 13:26:13,0163] PIPELINE-SCAN INFO: Analysis Started.
===========================
Found 5 Scannable modules.
===========================
JS files within alfresco-transform-core-aio-5.1.2-A1-SNAPSHOT-javadoc.jar
JS files within jwarc-0.29.0.jar
engines/aio/target/alfresco-transform-core-aio-5.1.2-A1-SNAPSHOT.jar
JS files within alfresco-base-t-engine-5.1.2-A1-SNAPSHOT-javadoc.jar
JS files within alfresco-transform-model-5.1.2-A1-SNAPSHOT-javadoc.jar
[08 May 2024 13:35:49,0952] PIPELINE-SCAN INFO: Analysis Complete.
[08 May 2024 13:35:49,0953] PIPELINE-SCAN INFO: Analysis Results: Received 120871 bytes in 613500ms.
[08 May 2024 13:35:49,0966] PIPELINE-SCAN INFO: Writing Raw JSON Results to file '/home/runner/work/alfresco-transform-core/alfresco-transform-core/results.json'.
[08 May 2024 13:35:49,0976] PIPELINE-SCAN INFO: Writing Filtered JSON Results to file '/home/runner/work/alfresco-transform-core/alfresco-transform-core/filtered_results.json'.
Scan Summary:
PIPELINE_SCAN_VERSION: 24.4.0-0
DEV-STAGE: DEVELOPMENT
PROJECT-NAME: alfresco-transform-core
SCAN_ID: dc7d0e3d-d112-4fb6-80f4-9bd5980dc307
SCAN_STATUS: SUCCESS
SCAN_MESSAGE: Scan successful. Results size: 119145 bytes
====================
Analysis Successful.
====================
==========================
Found 5 Scannable modules.
==========================
JS files within alfresco-transform-core-aio-5.1.2-A1-SNAPSHOT-javadoc.jar
JS files within jwarc-0.29.0.jar
engines/aio/target/alfresco-transform-core-aio-5.1.2-A1-SNAPSHOT.jar
JS files within alfresco-base-t-engine-5.1.2-A1-SNAPSHOT-javadoc.jar
JS files within alfresco-transform-model-5.1.2-A1-SNAPSHOT-javadoc.jar
===================
Analyzed 5 modules.
===================
JS files within alfresco-transform-core-aio-5.1.2-A1-SNAPSHOT-javadoc.jar
JS files within jwarc-0.29.0.jar
engines/aio/target/alfresco-transform-core-aio-5.1.2-A1-SNAPSHOT.jar
JS files within alfresco-base-t-engine-5.1.2-A1-SNAPSHOT-javadoc.jar
JS files within alfresco-transform-model-5.1.2-A1-SNAPSHOT-javadoc.jar
===================
Analyzed 60 issues.
===================
-----------------------------------
Found 40 issues of Medium severity.
-----------------------------------
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: aj/org/objectweb/asm/commons/SerialVersionUIDAdder.java:426
Details: <span>This function uses the SHA() function, which uses a hash algorithm that is considered weak. In recent years, researchers have demonstrated ways to breach many uses of previously-thought-safe hash functions such as MD5. </span> <span>Consider using a stronger algorithm in order to prevent attackers from being able to manipulate hash results. If this algorithm is being used to hash passwords, then consider using a strong computationally-hard algorithm such as PBKDF2 or bcrypt instead of a plain hashing algorithm.</span> <span>References: <a href="https://cwe.mitre.org/data/definitions/327.html">CWE</a></span>
https://downloads.veracode.com/securityscan/cwe/v4/java/327.html
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: org/bouncycastle/jcajce/provider/asymmetric/compositesignatures/org/bouncycastle/jcajce/provider/asymmetric/compositesignatures/SignatureSpi.java:1
Details: <span>This cryptograph
Veracode - Source Clear Scan (SCA)
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
PDF Renderer
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Transform Misc
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
ImageMagick
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
LibreOffice
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Tika
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
All in One Transformer
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Pipeline SAST Scan
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected], veracode/[email protected], actions/upload-artifact@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "Veracode Pipeline-Scan Results", "Veracode Pipeline-Scan Results (Human Readable)". Please update your workflow to use v4 of the artifact actions. Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/

Artifacts

Produced during runtime

Name | Size
Veracode Pipeline-Scan Results (Expired) | 135 KB
Veracode Pipeline-Scan Results (Human Readable) (Expired) | 2 KB