Security Policy violation Binary Artifacts #4135

google-allstar-prod · 2023-11-07T06:13:12Z

This issue was automatically created by Allstar.

Security Policy Violation
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

⚠️ There is an updated version of this policy result! Click here to see the latest update

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

google-allstar-prod · 2023-11-08T08:41:01Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-11-09T11:12:51Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-11-22T03:37:46Z

The policy result has been updated.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-11-23T04:14:03Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-11-27T22:44:24Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-11-28T22:45:08Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-11-30T05:58:16Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-02T05:54:57Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-03T05:58:26Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-04T05:46:12Z

Policy is now in compliance. Closing issue.

google-allstar-prod · 2023-12-08T20:42:28Z

Reopening issue. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-10T05:56:56Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-12T05:54:19Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-13T05:56:45Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2023-12-15T05:58:16Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-10T22:29:09Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-12T05:53:05Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-14T05:52:34Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-15T05:54:15Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-16T19:04:24Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-18T05:54:41Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-20T05:49:10Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-22T05:51:37Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-24T07:11:42Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-01-26T05:37:23Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-05T05:42:25Z

Reopening issue. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-07T05:37:50Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-08T05:40:46Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-10T05:40:22Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-12T05:41:31Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-14T05:43:09Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-cli/src/integration-test/resources/jarTest/standard/dependency1.jar
jib-cli/src/integration-test/resources/jarTest/standard/directory/dependency2.jar
jib-cli/src/integration-test/resources/jarTest/standard/jarWithCp.jar
jib-cli/src/integration-test/resources/jarTest/standard/noDependencyJar.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-15T05:40:21Z

The policy result has been updated.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-16T05:41:56Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-18T05:42:15Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-19T09:45:38Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-03-21T06:49:31Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

jib-gradle-plugin/src/integration-test/resources/gradle/projects/default-target/libs/dependency-1.0.0.jar
jib-gradle-plugin/src/integration-test/resources/gradle/projects/simple/libs/dependency-1.0.0.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-05-29T05:53:02Z

The policy result has been updated.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-05-31T05:48:39Z

Policy is now in compliance. Closing issue.

google-allstar-prod · 2024-06-11T05:57:05Z

Reopening issue. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-13T05:55:11Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-14T06:35:14Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-16T05:53:37Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-17T05:54:03Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-19T05:54:51Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-21T05:52:52Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-23T05:55:13Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-24T09:01:39Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

examples/helloworld/gradle/wrapper/gradle-wrapper.jar
examples/java-agent/gradle/wrapper/gradle-wrapper.jar
examples/ktor/gradle/wrapper/gradle-wrapper.jar
examples/micronaut/gradle/wrapper/gradle-wrapper.jar
examples/multi-module/gradle/wrapper/gradle-wrapper.jar
examples/spring-boot/gradle/wrapper/gradle-wrapper.jar
examples/vertx/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/jarTest/spring-boot/gradle/wrapper/gradle-wrapper.jar
jib-cli/src/integration-test/resources/warTest/gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

google-allstar-prod · 2024-06-26T05:43:29Z

Policy is now in compliance. Closing issue.

google-allstar-prod bot added the allstar label Nov 7, 2023

JoeWang1127 added priority: p2 type: process labels Nov 13, 2023

google-allstar-prod bot closed this as completed Dec 4, 2023

google-allstar-prod bot reopened this Dec 8, 2023

google-allstar-prod bot reopened this Mar 5, 2024

meltsufin mentioned this issue Mar 21, 2024

chore: enable repo-level override GoogleContainerTools/.allstar#11

Merged

meltsufin closed this as completed Mar 21, 2024

google-allstar-prod bot reopened this May 29, 2024

google-allstar-prod bot closed this as completed May 31, 2024

google-allstar-prod bot reopened this Jun 11, 2024

google-allstar-prod bot closed this as completed Jun 26, 2024

Security Policy violation Binary Artifacts #4135

Security Policy violation Binary Artifacts #4135

Comments

google-allstar-prod bot commented Nov 7, 2023 • edited Loading

google-allstar-prod bot commented Nov 8, 2023

google-allstar-prod bot commented Nov 9, 2023

google-allstar-prod bot commented Nov 22, 2023

google-allstar-prod bot commented Nov 23, 2023

google-allstar-prod bot commented Nov 27, 2023

google-allstar-prod bot commented Nov 28, 2023

google-allstar-prod bot commented Nov 30, 2023

google-allstar-prod bot commented Dec 2, 2023

google-allstar-prod bot commented Dec 3, 2023

google-allstar-prod bot commented Dec 4, 2023

google-allstar-prod bot commented Dec 8, 2023

google-allstar-prod bot commented Dec 10, 2023

google-allstar-prod bot commented Dec 12, 2023

google-allstar-prod bot commented Dec 13, 2023

google-allstar-prod bot commented Dec 15, 2023

google-allstar-prod bot commented Jan 10, 2024

google-allstar-prod bot commented Jan 12, 2024

google-allstar-prod bot commented Jan 14, 2024

google-allstar-prod bot commented Jan 15, 2024

google-allstar-prod bot commented Jan 16, 2024

google-allstar-prod bot commented Jan 18, 2024

google-allstar-prod bot commented Jan 20, 2024

google-allstar-prod bot commented Jan 22, 2024

google-allstar-prod bot commented Jan 24, 2024

google-allstar-prod bot commented Jan 26, 2024

google-allstar-prod bot commented Mar 5, 2024

google-allstar-prod bot commented Mar 7, 2024

google-allstar-prod bot commented Mar 8, 2024

google-allstar-prod bot commented Mar 10, 2024

google-allstar-prod bot commented Mar 12, 2024

google-allstar-prod bot commented Mar 14, 2024

google-allstar-prod bot commented Mar 15, 2024

google-allstar-prod bot commented Mar 16, 2024

google-allstar-prod bot commented Mar 18, 2024

google-allstar-prod bot commented Mar 19, 2024

google-allstar-prod bot commented Mar 21, 2024

google-allstar-prod bot commented May 29, 2024

google-allstar-prod bot commented May 31, 2024

google-allstar-prod bot commented Jun 11, 2024

google-allstar-prod bot commented Jun 13, 2024

google-allstar-prod bot commented Jun 14, 2024

google-allstar-prod bot commented Jun 16, 2024

google-allstar-prod bot commented Jun 17, 2024

google-allstar-prod bot commented Jun 19, 2024

google-allstar-prod bot commented Jun 21, 2024

google-allstar-prod bot commented Jun 23, 2024

google-allstar-prod bot commented Jun 24, 2024

google-allstar-prod bot commented Jun 26, 2024

google-allstar-prod bot commented Nov 7, 2023 •

edited

Loading