Bump step-security/harden-runner from 1.5.0 to 2.9.1 #898
dependabot[bot]analysis.yml
on: pull_request
Scorecards
/
Security Scorecards
3m 35s
Sonatype Nancy
/
Sonatype Nancy
5m 26s
Dependency Review
/
Scan dependencies for license compliance
6h 4m
Trivy
/
Filesystem
5m 46s
Trivy
/
Container
0s
FOSSA
/
Find license compliance and security issues
Semgrep Scan
/
semgrep
Matrix: CodeQL
Annotations
2 errors and 7 warnings
|
Scorecards / Security Scorecards
StepSecurity Harden Runner: Reverting agent since allowed endpoint *.blob.core.windows.net could not be resolved
|
|
Dependency Review / Scan dependencies for license compliance
The job running on runner GitHub Actions 2 has exceeded the maximum execution time of 360 minutes.
|
|
Scorecards / Security Scorecards
The following actions uses Node.js version which is deprecated and will be forced to run on node20: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776, actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce, github/codeql-action/upload-sarif@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
CodeQL (go) / CodeQL Analysis
The following actions uses Node.js version which is deprecated and will be forced to run on node20: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776, actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab, github/codeql-action/init@f0a12816612c7306b485a22cb164feb43c6df818, github/codeql-action/autobuild@f0a12816612c7306b485a22cb164feb43c6df818, github/codeql-action/analyze@f0a12816612c7306b485a22cb164feb43c6df818. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
CodeQL (go) / CodeQL Analysis
The "paths"/"paths-ignore" fields of the config only have effect for JavaScript, Python, and Ruby
|
|
Sonatype Nancy / Sonatype Nancy
The following actions uses Node.js version which is deprecated and will be forced to run on node20: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423, actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Trivy / Filesystem
The following actions uses Node.js version which is deprecated and will be forced to run on node20: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776, actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce, github/codeql-action/upload-sarif@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "SARIF file".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
|
Dependency Review / Scan dependencies for license compliance
Runner GitHub Actions 2 did not respond to a cancelation request with 00:05:00.
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
SARIF file
Expired
|
37.9 KB |
|