Alfresco Transform Core CI #855
mikolajbrzezinskici.yml
on: schedule
Matrix: all_tests_matrix
Veracode - Source Clear Scan (SCA)
2m 8s
Core & Base Snapshot deployment
2m 22s
Pipeline SAST Scan
10m 35s
Release
0s
Annotations
1 error and 10 warnings
|
Pipeline SAST Scan
[13 May 2024 05:07:35,0315] PIPELINE-SCAN INFO: Pipeline Scan Tool Version 24.5.0-0.
[13 May 2024 05:07:35,0326] PIPELINE-SCAN INFO: Loading policy file Alfresco_Default.json
[13 May 2024 05:07:35,0328] PIPELINE-SCAN INFO: Successfully retrieved the policy
[13 May 2024 05:07:35,0328] PIPELINE-SCAN INFO: Policy name: Alfresco Default
[13 May 2024 05:07:35,0328] PIPELINE-SCAN INFO: CWE filter:
[13 May 2024 05:07:35,0328] PIPELINE-SCAN INFO: Severity filter: 3, 4, 5,
[13 May 2024 05:07:35,0329] PIPELINE-SCAN INFO: Beginning scanning of 'to-scan.zip'.
[13 May 2024 05:07:35,0329] PIPELINE-SCAN INFO: Sending 84228626 bytes to the server for analysis.
[13 May 2024 05:08:00,0366] PIPELINE-SCAN INFO: Upload complete.
[13 May 2024 05:08:00,0367] PIPELINE-SCAN INFO: Scan ID: b6dbafc5-04ea-4e62-9b0c-ce90ce137109
[13 May 2024 05:08:00,0585] PIPELINE-SCAN INFO: Analysis Started.
===========================
Found 5 Scannable modules.
===========================
JS files within alfresco-transform-core-aio-5.1.2-A2-SNAPSHOT-javadoc.jar
JS files within jwarc-0.29.0.jar
engines/aio/target/alfresco-transform-core-aio-5.1.2-A2-SNAPSHOT.jar
JS files within alfresco-base-t-engine-5.1.2-A2-SNAPSHOT-javadoc.jar
JS files within alfresco-transform-model-5.1.2-A2-SNAPSHOT-javadoc.jar
[13 May 2024 05:16:47,0360] PIPELINE-SCAN INFO: Analysis Complete.
[13 May 2024 05:16:47,0362] PIPELINE-SCAN INFO: Analysis Results: Received 120871 bytes in 552033ms.
[13 May 2024 05:16:47,0375] PIPELINE-SCAN INFO: Writing Raw JSON Results to file '/home/runner/work/alfresco-transform-core/alfresco-transform-core/results.json'.
[13 May 2024 05:16:47,0385] PIPELINE-SCAN INFO: Writing Filtered JSON Results to file '/home/runner/work/alfresco-transform-core/alfresco-transform-core/filtered_results.json'.
Scan Summary:
PIPELINE_SCAN_VERSION: 24.5.0-0
DEV-STAGE: DEVELOPMENT
PROJECT-NAME: alfresco-transform-core
SCAN_ID: b6dbafc5-04ea-4e62-9b0c-ce90ce137109
SCAN_STATUS: SUCCESS
SCAN_MESSAGE: Scan successful. Results size: 119145 bytes
====================
Analysis Successful.
====================
==========================
Found 5 Scannable modules.
==========================
JS files within alfresco-transform-core-aio-5.1.2-A2-SNAPSHOT-javadoc.jar
JS files within jwarc-0.29.0.jar
engines/aio/target/alfresco-transform-core-aio-5.1.2-A2-SNAPSHOT.jar
JS files within alfresco-base-t-engine-5.1.2-A2-SNAPSHOT-javadoc.jar
JS files within alfresco-transform-model-5.1.2-A2-SNAPSHOT-javadoc.jar
===================
Analyzed 5 modules.
===================
JS files within alfresco-transform-core-aio-5.1.2-A2-SNAPSHOT-javadoc.jar
JS files within jwarc-0.29.0.jar
engines/aio/target/alfresco-transform-core-aio-5.1.2-A2-SNAPSHOT.jar
JS files within alfresco-base-t-engine-5.1.2-A2-SNAPSHOT-javadoc.jar
JS files within alfresco-transform-model-5.1.2-A2-SNAPSHOT-javadoc.jar
===================
Analyzed 60 issues.
===================
-----------------------------------
Found 40 issues of Medium severity.
-----------------------------------
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: aj/org/objectweb/asm/commons/SerialVersionUIDAdder.java:426
Details: <span>This function uses the SHA() function, which uses a hash algorithm that is considered weak. In recent years, researchers have demonstrated ways to breach many uses of previously-thought-safe hash functions such as MD5. </span> <span>Consider using a stronger algorithm in order to prevent attackers from being able to manipulate hash results. If this algorithm is being used to hash passwords, then consider using a strong computationally-hard algorithm such as PBKDF2 or bcrypt instead of a plain hashing algorithm.</span> <span>References: <a href="https://cwe.mitre.org/data/definitions/327.html">CWE</a></span>
https://downloads.veracode.com/securityscan/cwe/v4/java/327.html
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: org/bouncycastle/jcajce/provider/asymmetric/compositesignatures/org/bouncycastle/jcajce/provider/asymmetric/compositesignatures/SignatureSpi.java:1
Details: <span>This cryptograph
|
|
Veracode - Source Clear Scan (SCA)
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Core & Base Snapshot deployment
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
PDF Renderer
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Transform Misc
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
ImageMagick
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
LibreOffice
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Pipeline SAST Scan
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected], veracode/[email protected], actions/upload-artifact@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Tika
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
All in One Transformer
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3, actions/cache@v3, actions/setup-java@v3, docker/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "Veracode Pipeline-Scan Results", "Veracode Pipeline-Scan Results (Human Readable)".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
Veracode Pipeline-Scan Results
Expired
|
135 KB |
|
|
Veracode Pipeline-Scan Results (Human Readable)
Expired
|
2.02 KB |
|