Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update wrapper to cli 2.1.2 AST-43187 #290

Merged
merged 1 commit into from
May 20, 2024
Merged

Update wrapper to cli 2.1.2 AST-43187 #290

merged 1 commit into from
May 20, 2024

Conversation

OrShamirCM
Copy link
Collaborator

@OrShamirCM OrShamirCM commented May 20, 2024
edited
Loading

Testing done

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

@OrShamirCM OrShamirCM changed the title Update wrapper to cli 2.1.2 Update wrapper to cli 2.1.2 AST-43187 May 20, 2024
@OrShamirCM OrShamirCM added bug Something isn't working dependencies Pull requests that update a dependency file labels May 20, 2024
@github-actions GitHub Actions
Copy link
Contributor

Logo
Checkmarx One – Scan Summary & Details3dd7f295-1a2a-4226-86da-9bb4769c0536

Policy Management Violations

Policy Name Rule(s) Break Build
[SAST-ML0] Not allowed NEW Sast vulnerabilities true

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Cleartext_Submission_of_Sensitive_Information /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 Attack Vector
MEDIUM Unpinned Actions Full Length Commit SHA /dependabot-auto-merge.yml: 23 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /cd.yml: 53 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /ast-scan.yml: 12 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity Issue Source File / Package
MEDIUM Unpinned Actions Full Length Commit SHA /ci.yml: 40
MEDIUM Unpinned Actions Full Length Commit SHA /manual-tag.yml: 23
MEDIUM Unpinned Actions Full Length Commit SHA /release.yml: 42
MEDIUM Unpinned Actions Full Length Commit SHA /release.yml: 53
MEDIUM Unpinned Actions Full Length Commit SHA /cd.yml: 24
MEDIUM Unpinned Actions Full Length Commit SHA /cd.yml: 17
MEDIUM Unpinned Actions Full Length Commit SHA /cd.yml: 55
MEDIUM Unpinned Actions Full Length Commit SHA /cd.yml: 34

@OrShamirCM OrShamirCM merged commit e032ddd into main May 20, 2024
14 of 16 checks passed
@OrShamirCM OrShamirCM deleted the feature/update-cli branch May 20, 2024 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Something isn't working dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@OrShamirCM