Docker vulnerability scan #440

Annotations

3 warnings

Unexpected input(s) 'security-checks', valid inputs are ['entryPoint', 'args', 'scan-type', 'image-ref', 'input', 'scan-ref', 'exit-code', 'ignore-unfixed', 'vuln-type', 'severity', 'format', 'template', 'output', 'skip-dirs', 'skip-files', 'cache-dir', 'timeout', 'ignore-policy', 'hide-progress', 'list-all-pkgs', 'scanners', 'trivyignores', 'artifact-type', 'github-pat', 'trivy-config', 'limit-severities-for-sarif']

Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355, aws-actions/amazon-ecr-login@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7, github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.

Login to ECR

Your docker password is not masked. See https://github.com/aws-actions/amazon-ecr-login#docker-credentials for more information. The default value of the 'mask-password' input has changed from 'false' to 'true' in the v2 release. See https://github.com/aws-actions/amazon-ecr-login/issues/526 for more information.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Docker vulnerability scan #440

docker-vulnerability-scan-lambda