[BE][FE][SECURITY] Kics #2370
mkanalkics.yml
on: schedule
Analyze frontend
42s
Analyze backend
39s
Annotations
8 warnings
|
Analyze backend
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
[INFO] Shared Volumes Between Containers:
tx-backend/docker/docker-compose.yml#L23
Volumes shared between containers can cause data corruption or can be used to share malicious files between containers.
|
|
Analyze frontend
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
[MEDIUM] Container Capabilities Unrestricted:
frontend/cypress/docker-compose.yml#L24
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
frontend/docker-compose.yml#L24
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Healthcheck Not Set:
frontend/cypress/docker-compose.yml#L24
Check containers periodically to see if they are running properly.
|
|
[MEDIUM] Host Namespace is Shared:
frontend/docker-compose.yml#L45
The hosts process namespace should not be shared by containers
|
|
[MEDIUM] Shared Host Network Namespace:
frontend/cypress/docker-compose.yml#L35
Container should not share the host network namespace
|