checkov action #1
Annotations
7 errors and 6 warnings
Upload SARIF file
Resource not accessible by integration
|
Run Checkov action:
.github/workflows/publish-and-deploy.yaml#L1
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
Run Checkov action:
.github/workflows/checkov.yaml#L1
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
Run Checkov action:
.github/workflows/main.yaml#L1
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
Run Checkov action:
.github/workflows/no_forgoten_migrations.yaml#L1
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
Run Checkov action:
.github/workflows/run_django_tests.yaml#L1
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
Run Checkov action:
.github/workflows/no_debug_allowed.yaml#L1
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: github/codeql-action/upload-sarif@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
Upload SARIF file
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
Upload SARIF file
Resource not accessible by integration
|
Upload SARIF file
This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. As a result, it will not be opted into any experimental features. This could be because the Action is running on a pull request from a fork. If not, please ensure the Action has the 'security-events: write' permission. Details: Resource not accessible by integration
|
Upload SARIF file
Resource not accessible by integration
|
Upload SARIF file
Resource not accessible by integration
|
Loading