CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_15: "Image Pull Policy should be Always"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_43: "Image should use digest"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_28: "Minimize the admission of containers with the NET_RAW capability"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_30: "Apply security context to your containers"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_29: "Apply security context to your pods and containers"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_23: "Minimize the admission of root containers"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_22: "Use read-only filesystem for containers where possible"

Kubernetes Manifest Security Scan: manifests/waf/modsecurity-deployment.yaml#L79

CKV_K8S_37: "Minimize the admission of containers with capabilities assigned"

Trivy Container Image Scan (api)

Process completed with exit code 1.

Trivy Container Image Scan (api)

Path does not exist: trivy-api-results.sarif

Trivy Container Image Scan (api)

Process completed with exit code 1.

SAST with Semgrep

npm Dependency Vulnerability Scan

Process completed with exit code 1.

Trivy Container Image Scan (ui)

The strategy configuration was canceled because "trivy-container-scan.api" failed

Trivy Container Image Scan (ui)

Process completed with exit code 1.

Trivy Container Image Scan (ui)

Path does not exist: trivy-ui-results.sarif

Trivy Container Image Scan (ui)

The operation was canceled.

Go Dependency Vulnerability Scan (controller)

cmd.init calls logr.Logger.WithName, which eventually calls tls.Conn.Write

Go Dependency Vulnerability Scan (controller)

controllers.TemplateReconciler.Reconcile calls client.subResourceClient.Update, which eventually calls tls.Conn.Read

Go Dependency Vulnerability Scan (controller)

cmd.main calls manager.controllerManager.Start, which eventually calls tls.Conn.HandshakeContext

Go Dependency Vulnerability Scan (controller)

cmd.main calls manager.controllerManager.Start, which eventually calls pem.Decode

Go Dependency Vulnerability Scan (controller)

controllers.TemplateReconciler.Reconcile calls client.subResourceClient.Update, which eventually calls url.URL.Parse

Go Dependency Vulnerability Scan (controller)

cmd.main calls config.GetConfigOrDie, which eventually calls url.ParseRequestURI

Go Dependency Vulnerability Scan (controller)

controllers.TemplateReconciler.Reconcile calls client.subResourceClient.Update, which eventually calls url.Parse

Go Dependency Vulnerability Scan (controller)

cmd.main calls manager.controllerManager.Start, which eventually calls asn1.Unmarshal

Go Dependency Vulnerability Scan (controller)

controllers.TemplateReconciler.Reconcile calls client.subResourceClient.Update, which eventually calls http.Client.Do

Go Dependency Vulnerability Scan (controller)

cmd.init calls logr.Logger.WithName, which eventually calls x509.Certificate.Verify

Trivy Container Image Scan (controller)

The strategy configuration was canceled because "trivy-container-scan.api" failed

Trivy Container Image Scan (controller)

Process completed with exit code 1.

Trivy Container Image Scan (controller)

Path does not exist: trivy-controller-results.sarif

Trivy Container Image Scan (controller)

The operation was canceled.

Go Dependency Vulnerability Scan (api)

The strategy configuration was canceled because "go-dependency-scan.controller" failed

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L606

templates[j].UsageCount undefined (type *k8s.Template has no field or method UsageCount)

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L606

templates[i].UsageCount undefined (type *k8s.Template has no field or method UsageCount)

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L594

tmpl.Featured undefined (type *k8s.Template has no field or method Featured)

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L298

h.quotaEnforcer.UpdateSessionQuota undefined (type *quota.Enforcer has no field or method UpdateSessionQuota)

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L230

h.quotaEnforcer.UpdateSessionQuota undefined (type *quota.Enforcer has no field or method UpdateSessionQuota)

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L168

h.quotaEnforcer.CheckSessionQuota undefined (type *quota.Enforcer has no field or method CheckSessionQuota)

Go Dependency Vulnerability Scan (api): api/internal/api/handlers.go#L161

undefined: quota.SessionRequest

Go Dependency Vulnerability Scan (api): api/internal/websocket/handlers.go#L177

declared and not used: err

Go Dependency Vulnerability Scan (api): api/internal/quota/enforcer.go#L118

e.groupDB.GetByName undefined (type *db.GroupDB has no field or method GetByName)

Go Dependency Vulnerability Scan (api): api/internal/quota/enforcer.go#L74

e.userDB.GetByUsername undefined (type *db.UserDB has no field or method GetByUsername)

CodeQL Analysis (javascript)

CodeQL Analysis (go)

Trivy Container Image Scan (api)

No files were found with the provided path: trivy-api-report.html. No artifacts will be uploaded.

Trivy Container Image Scan (ui)

No files were found with the provided path: trivy-ui-report.html. No artifacts will be uploaded.

Go Dependency Vulnerability Scan (controller)

Restore cache failed: Dependencies file is not found in /home/runner/work/streamspace/streamspace. Supported file pattern: go.sum

Trivy Container Image Scan (controller)

No files were found with the provided path: trivy-controller-report.html. No artifacts will be uploaded.

Go Dependency Vulnerability Scan (api)

Restore cache failed: Dependencies file is not found in /home/runner/work/streamspace/streamspace. Supported file pattern: go.sum

CodeQL Analysis (javascript)

Cannot create diff range extension pack for diff-informed queries; reverting to performing full analysis.

CodeQL Analysis (javascript)

Error retrieving diff master...JoshuaAFerguson:claude/fix-gh-pages-updates-01L92ftG8EDW8dY7sKKx1CpQ: Not Found - https://docs.github.com/rest/commits/commits#compare-two-commits

CodeQL Analysis (go)

Cannot create diff range extension pack for diff-informed queries; reverting to performing full analysis.

CodeQL Analysis (go)

Error retrieving diff master...JoshuaAFerguson:claude/fix-gh-pages-updates-01L92ftG8EDW8dY7sKKx1CpQ: Not Found - https://docs.github.com/rest/commits/commits#compare-two-commits

Artifacts

Produced during runtime

Name	Size	Digest
gitleaks-results.sarif Expired	6.62 KB	`sha256:5d9fc6d2293b39a4aa305073d1c3d5603ffdff273282a5e421f23b0d8cbafc59`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix GitHub Pages branch not updating #27

Summary

Fix GitHub Pages branch not updating #27

Uh oh!

security-scan.yml

Annotations

Artifacts