Merge pull request #36 from JoshuaAFerguson/claude/fix-github-actions… #63
JoshuaAFergusonsecurity-scan.yml
on: push
Matrix: CodeQL Analysis
Matrix: Dockerfile Linting
Matrix: Go Dependency Vulnerability Scan
Matrix: Trivy Container Image Scan
npm Dependency Vulnerability Scan
39s
Secret Scanning with Gitleaks
5s
SAST with Semgrep
43s
Kubernetes Manifest Security Scan
23s
Dependency Review
Security Scan Summary
3s
Annotations
43 errors and 5 warnings
|
Kubernetes Manifest Security Scan
Path does not exist: checkov-k8s-results.sarif
|
|
Kubernetes Manifest Security Scan
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Dockerfile Linting (api):
api/Dockerfile#L41
DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
Dockerfile Linting (api):
api/Dockerfile#L12
DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
Dockerfile Linting (ui)
The strategy configuration was canceled because "docker-lint.api" failed
|
|
Go Dependency Vulnerability Scan (api):
api/internal/api/handlers.go#L594
tmpl.Featured undefined (type *k8s.Template has no field or method Featured)
|
|
Go Dependency Vulnerability Scan (api):
api/internal/api/handlers.go#L298
h.quotaEnforcer.UpdateSessionQuota undefined (type *quota.Enforcer has no field or method UpdateSessionQuota)
|
|
Go Dependency Vulnerability Scan (api):
api/internal/api/handlers.go#L230
h.quotaEnforcer.UpdateSessionQuota undefined (type *quota.Enforcer has no field or method UpdateSessionQuota)
|
|
Go Dependency Vulnerability Scan (api):
api/internal/api/handlers.go#L168
h.quotaEnforcer.CheckSessionQuota undefined (type *quota.Enforcer has no field or method CheckSessionQuota)
|
|
Go Dependency Vulnerability Scan (api):
api/internal/api/handlers.go#L161
undefined: quota.SessionRequest
|
|
Go Dependency Vulnerability Scan (api):
api/internal/websocket/handlers.go#L238
declared and not used: err
|
|
Go Dependency Vulnerability Scan (api):
api/internal/quota/enforcer.go#L236
e.groupDB.GetByName undefined (type *db.GroupDB has no field or method GetByName)
|
|
Go Dependency Vulnerability Scan (api):
api/internal/quota/enforcer.go#L192
e.userDB.GetByUsername undefined (type *db.UserDB has no field or method GetByUsername)
|
|
Go Dependency Vulnerability Scan (api)
cannot use typeSchema.Types (variable of type []"sigs.k8s.io/structured-merge-diff/v6/schema".TypeDef) as []"sigs.k8s.io/structured-merge-diff/v4/schema".TypeDef value in struct literal
|
|
Go Dependency Vulnerability Scan (api)
cannot use typeSchema.Types (variable of type []"sigs.k8s.io/structured-merge-diff/v6/schema".TypeDef) as []"sigs.k8s.io/structured-merge-diff/v4/schema".TypeDef value in struct literal
|
|
Go Dependency Vulnerability Scan (controller)
The strategy configuration was canceled because "go-dependency-scan.api" failed
|
|
Go Dependency Vulnerability Scan (controller)
controllers.TemplateReconciler.Reconcile calls client.subResourceClient.Update, which eventually calls http2.Transport.NewClientConn
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.StreamError.Error
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.SettingID.String
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.Setting.String
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.GoAwayError.Error
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.FrameType.String
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.ErrCode.String
|
|
Go Dependency Vulnerability Scan (controller)
controllers.SessionReconciler.handleTerminated calls fmt.Sprintf, which eventually calls http2.ConnectionError.Error
|
|
Go Dependency Vulnerability Scan (controller)
cmd.main calls manager.New, which eventually calls http2.ConfigureTransports
|
|
SAST with Semgrep
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
npm Dependency Vulnerability Scan
Process completed with exit code 1.
|
|
CodeQL Analysis (javascript)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Trivy Container Image Scan (ui)
Process completed with exit code 1.
|
|
Trivy Container Image Scan (ui)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Trivy Container Image Scan (ui)
Process completed with exit code 1.
|
|
Trivy Container Image Scan (controller)
The strategy configuration was canceled because "trivy-container-scan.ui" failed
|
|
Trivy Container Image Scan (controller)
Process completed with exit code 1.
|
|
Trivy Container Image Scan (controller)
Path does not exist: trivy-controller-results.sarif
|
|
Trivy Container Image Scan (controller)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Trivy Container Image Scan (controller)
The operation was canceled.
|
|
Trivy Container Image Scan (api)
The strategy configuration was canceled because "trivy-container-scan.ui" failed
|
|
Trivy Container Image Scan (api)
Process completed with exit code 1.
|
|
Trivy Container Image Scan (api)
Path does not exist: trivy-api-results.sarif
|
|
Trivy Container Image Scan (api)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Trivy Container Image Scan (api)
The operation was canceled.
|
|
CodeQL Analysis (go)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Go Dependency Vulnerability Scan (api)
Restore cache failed: Dependencies file is not found in /home/runner/work/streamspace/streamspace. Supported file pattern: go.sum
|
|
Go Dependency Vulnerability Scan (controller)
Restore cache failed: Dependencies file is not found in /home/runner/work/streamspace/streamspace. Supported file pattern: go.sum
|
|
Trivy Container Image Scan (ui)
No files were found with the provided path: trivy-ui-report.html. No artifacts will be uploaded.
|
|
Trivy Container Image Scan (controller)
No files were found with the provided path: trivy-controller-report.html. No artifacts will be uploaded.
|
|
Trivy Container Image Scan (api)
No files were found with the provided path: trivy-api-report.html. No artifacts will be uploaded.
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
gitleaks-results.sarif
Expired
|
6.62 KB |
sha256:28e0de932c13b3419f597ff40ff21c92dd652a97978662ae433ce62acbe87e55
|
|