Merge pull request #759 from Alfresco/dependabot/maven/alfresco-db-co… #4671
ci.yml
on: push
pre_commit
2m 59s
PMD Scan
0s
Matrix: run_e2e_test
Matrix: Build and test application
Matrix: Build application with distribution profile
Veracode - Source Clear Scan (SCA)
4m 39s
Pipeline SAST Scan
6m 19s
Matrix: run_e2e_test_using_older_java
Push docker images
5m 48s
Publish SNAPSHOT artifacts
1m 59s
Make release and deploy to Nexus and S3 Staging Bucket
0s
Deploy release version to quay.io
0s
Copy to S3 Downloads Bucket
0s
Annotations
2 errors and 20 warnings
Pipeline SAST Scan
[05 Dec 2024 13:15:24,0599] PIPELINE-SCAN INFO: Pipeline Scan Tool Version 24.10.0-0.
[05 Dec 2024 13:15:24,0612] PIPELINE-SCAN INFO: Loading policy file Alfresco_Default.json
[05 Dec 2024 13:15:24,0614] PIPELINE-SCAN INFO: Successfully retrieved the policy
[05 Dec 2024 13:15:24,0614] PIPELINE-SCAN INFO: Policy name: Alfresco Default
[05 Dec 2024 13:15:24,0614] PIPELINE-SCAN INFO: CWE filter:
[05 Dec 2024 13:15:24,0615] PIPELINE-SCAN INFO: Severity filter: 3, 4, 5,
[05 Dec 2024 13:15:24,0615] PIPELINE-SCAN INFO: Beginning scanning of 'distribution/target/alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip'.
[05 Dec 2024 13:15:24,0618] PIPELINE-SCAN INFO: Sending 122598767 bytes to the server for analysis.
[05 Dec 2024 13:16:00,0101] PIPELINE-SCAN INFO: Upload complete.
[05 Dec 2024 13:16:00,0102] PIPELINE-SCAN INFO: Scan ID: 41e5dcc8-4813-4747-b649-bc7c82ed6550
[05 Dec 2024 13:16:00,0380] PIPELINE-SCAN INFO: Analysis Started.
===========================
Found 6 Scannable modules.
===========================
alfresco-hxinsight-connector-bulk-ingester-1.0.2-SNAPSHOT-app.jar
alfresco-hxinsight-connector-hxinsight-extension-1.0.2-SNAPSHOT.jar
alfresco-hxinsight-connector-live-ingester-1.0.2-SNAPSHOT-app.jar
alfresco-hxinsight-connector-prediction-applier-1.0.2-SNAPSHOT-app.jar
JS files within spring-security-web-6.4.1.jar
JS files within alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip
[05 Dec 2024 13:18:50,0549] PIPELINE-SCAN INFO: Analysis Complete.
[05 Dec 2024 13:18:50,0551] PIPELINE-SCAN INFO: Analysis Results: Received 5159 bytes in 205936ms.
[05 Dec 2024 13:18:50,0553] PIPELINE-SCAN INFO: Writing Raw JSON Results to file '/home/runner/work/hxinsight-connector/hxinsight-connector/results.json'.
[05 Dec 2024 13:18:50,0554] PIPELINE-SCAN INFO: Applying custom severity 4 to cwe 80
[05 Dec 2024 13:18:50,0556] PIPELINE-SCAN INFO: Writing Filtered JSON Results to file '/home/runner/work/hxinsight-connector/hxinsight-connector/filtered_results.json'.
Scan Summary:
PIPELINE_SCAN_VERSION: 24.10.0-0
DEV-STAGE: DEVELOPMENT
PROJECT-NAME: hxinsight-connector
SCAN_ID: 41e5dcc8-4813-4747-b649-bc7c82ed6550
SCAN_STATUS: SUCCESS
SCAN_MESSAGE: Scan successful. Results size: 4388 bytes
====================
Analysis Successful.
====================
==========================
Found 6 Scannable modules.
==========================
alfresco-hxinsight-connector-bulk-ingester-1.0.2-SNAPSHOT-app.jar
alfresco-hxinsight-connector-hxinsight-extension-1.0.2-SNAPSHOT.jar
alfresco-hxinsight-connector-live-ingester-1.0.2-SNAPSHOT-app.jar
alfresco-hxinsight-connector-prediction-applier-1.0.2-SNAPSHOT-app.jar
JS files within spring-security-web-6.4.1.jar
JS files within alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip
===================
Analyzed 6 modules.
===================
alfresco-hxinsight-connector-bulk-ingester-1.0.2-SNAPSHOT-app.jar
alfresco-hxinsight-connector-hxinsight-extension-1.0.2-SNAPSHOT.jar
alfresco-hxinsight-connector-live-ingester-1.0.2-SNAPSHOT-app.jar
alfresco-hxinsight-connector-prediction-applier-1.0.2-SNAPSHOT-app.jar
JS files within spring-security-web-6.4.1.jar
JS files within alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip
==================
Analyzed 2 issues.
==================
--------------------------------
Found 1 issues of High severity.
--------------------------------
CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS): org/springframework/security/spring-security-webauthn.js:199
Details: <span>This call to href() contains a cross-site scripting (XSS) flaw. The application populates the HTTP response with untrusted input, allowing an attacker to embed malicious content, such as Javascript code, which will be executed in the context of the victim's browser. XSS vulnerabilities are commonly exploited to steal or manipulate cookies, modify presentation of content, and compromise confidential information, with new attack vectors being discovered on a regular basis. </span> <span>Use contextual escaping on all untrusted
|
Run e2e tests using ACS 7.4.2 on Java 11
Process completed with exit code 1.
|
pre_commit
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (common-test)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (common)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (common-authentication)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (bulk-ingester)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build application with distribution profile (23.3.0)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build application with distribution profile (7.4.2)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build application with distribution profile (7.3.2)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (hxinsight-extension)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Veracode - Source Clear Scan (SCA)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Pipeline SAST Scan
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (prediction-applier)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Build and test application (live-ingester)
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Run e2e tests using ACS 23.3.0
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Run e2e tests using ACS 7.3.2 on Java 11
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Run e2e tests using ACS 7.3.2
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Run e2e tests using ACS 7.4.2
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Publish SNAPSHOT artifacts
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Push docker images
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Run e2e tests using ACS 7.4.2 on Java 11
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
Veracode Pipeline-Scan Results
|
3.69 KB |
|