Skip to content
Security Scan

deps(terraform)(deps): update hashicorp/aws requirement from ~> 4.0 to ~> 5.89 in /infrastructure/terraform #695

Sign in to view logs

deps(terraform)(deps): update hashicorp/aws requirement from ~> 4.0 to ~> 5.89 in /infrastructure/terraform

deps(terraform)(deps): update hashicorp/aws requirement from ~> 4.0 to ~> 5.89 in /infrastructure/terraform #695

Triggered via pull request March 4, 2025 10:16
@dependabotdependabot[bot]
opened #16
dependabot/terraform/infrastructure/terraform/hashicorp/aws-tw-5.89
Status Failure
Total duration 3h 50m 54s
Artifacts 1

security-scan.yml

on: pull_request
Static Code Analysis
17s
Static Code Analysis
Dependency Vulnerability Scan
33s
Dependency Vulnerability Scan
Secret Detection
11s
Secret Detection
Container Vulnerability Scan
24s
Container Vulnerability Scan
Generate Security Report
0s
Generate Security Report
Fit to window
Zoom out
Zoom in

Annotations

16 errors and 2 warnings
Secret Detection
CodeQL Action major versions v1 and v2 have been deprecated. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/
Secret Detection
Path does not exist: gitleaks-report.sarif
Static Code Analysis
Process completed with exit code 1.
Static Code Analysis
CodeQL Action major versions v1 and v2 have been deprecated. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/
Static Code Analysis
Path does not exist: bandit-results.sarif
Static Code Analysis
Process completed with exit code 2.
Container Vulnerability Scan
Process completed with exit code 1.
Container Vulnerability Scan
Process completed with exit code 1.
Container Vulnerability Scan
CodeQL Action major versions v1 and v2 have been deprecated. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/
Container Vulnerability Scan
Path does not exist: trivy-backend-results.sarif
Container Vulnerability Scan
Path does not exist: trivy-frontend-results.sarif
Dependency Vulnerability Scan
CodeQL Action major versions v1 and v2 have been deprecated. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/
Dependency Vulnerability Scan
Path does not exist: snyk-python.sarif
Dependency Vulnerability Scan
Dependencies lock file is not found in /home/runner/work/refunds-wyx7mz/refunds-wyx7mz. Supported file patterns: package-lock.json,npm-shrinkwrap.json,yarn.lock
Dependency Vulnerability Scan
Path does not exist: snyk-node.sarif
Generate Security Report
This request has been automatically failed because it uses a deprecated version of `actions/upload-artifact: v3`. Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
SonarScanner
This action is deprecated and will be removed in a future release. Please use the sonarqube-scan-action action instead. The sonarqube-scan-action is a drop-in replacement for this action.
SonarScanner
Running this GitHub Action without SONAR_TOKEN is not recommended

Artifacts

Produced during runtime
Name Size
gitleaks-results.sarif
4.55 KB