fix(deps): update module mellium.im/xmpp to v0.22.0 [security] #968
renovate[bot]analysis.yml
on: pull_request
Scorecards
/
Security Scorecards
28s
Sonatype Nancy
/
Sonatype Nancy
5m 27s
Semgrep Scan
/
semgrep
22s
Dependency Review
/
Scan dependencies for license compliance
13s
Trivy
/
Filesystem
38s
Trivy
/
Container
0s
FOSSA
/
Find license compliance and security issues
Matrix: CodeQL
Annotations
3 errors and 10 warnings
|
|
|
CodeQL (go) / CodeQL Analysis
Name or service not known (internal-api.service.iad.github.net:443)
|
|
Sonatype Nancy / Sonatype Nancy
Command failed: go env GOPATH
go: downloading go1.23.1 (linux/amd64)
go: download go1.23.1: golang.org/[email protected]: Get "https://storage.googleapis.com/proxy-golang-org-prod/fbcea61ab6686895-golang.org:toolchain-v0.0.1-go1.23.1.linux-amd64.zip?Expires=1727367708&GoogleAccessId=gcs-urlsigner-prod%40golang-modproxy.iam.gserviceaccount.com&Signature=J8R61uLx86jaKh3Yyo4fgOSeeN6y8UGOHbNJXXo0%2Br8QF9h8drRA%2FJXynUbciUjTltQF6%2F9iQPsLMjdD25eTC1GNJXn54o%2FGq%2BwjHvoMx4JA4aKmMytFFSYWtLgPzSamcemqcLWy8z9RQO%2FZgFQG1UjPQqdEEK5YMlEvchjCfV0yudxezv0gsLGP%2Fr99%2FAINVjoFxHQkVJx3wHzbKGsDmO2MaG%2BOUsG61zAfd2PsmH6kW%2BqeG6Rgc2FC5yozCR2WB6xi68yXAyrSTc6tGyd4fYZsmNy9T9yEM2X3WRwaWt51bUDF%2Fknu2rZoOqVbizujE4pDdFB16rrYTT26gdugvA%3D%3D": dial tcp 54.185.253.63:443: connect: connection refused
|
|
Scorecards / Security Scorecards
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce, github/codeql-action/upload-sarif@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Semgrep Scan / semgrep
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Dependency Review / Scan dependencies for license compliance
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Trivy / Filesystem
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce, github/codeql-action/upload-sarif@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
CodeQL (go) / CodeQL Analysis
Failed to download action 'https://internal-api.service.iad.github.net/repos/step-security/harden-runner/tarball/5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde'. Error: Name or service not known (internal-api.service.iad.github.net:443)
|
|
CodeQL (go) / CodeQL Analysis
Back off 22.436 seconds before retry.
|
|
CodeQL (go) / CodeQL Analysis
Failed to download action 'https://internal-api.service.iad.github.net/repos/step-security/harden-runner/tarball/5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde'. Error: Name or service not known (internal-api.service.iad.github.net:443)
|
|
CodeQL (go) / CodeQL Analysis
Back off 20.547 seconds before retry.
|
|
Sonatype Nancy / Sonatype Nancy
The following actions use a deprecated Node.js version and will be forced to run on node20: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423, actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "SARIF file".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
SARIF file
Expired
|
38.9 KB |
|