Analysis

Update step-security/harden-runner action to v2.10.4 #204

Sign in to view logs

Triggered via pull request January 20, 2025 01:28

synchronize #55

renovate/step-security-harden-runner-2.x

Status Success

Total duration 6m 37s

Artifacts 1

analysis.yml

on: pull_request

Scorecards / Security Scorecards

Sonatype Nancy / Sonatype Nancy

Semgrep Scan / semgrep

Dependency Review / Scan dependencies for license compliance

Trivy / Filesystem

Trivy / Container

FOSSA / Find license compliance and security issues

Matrix: CodeQL

Annotations

7 warnings

Dependency Review / Scan dependencies for license compliance

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Semgrep Scan / semgrep

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Scorecards / Security Scorecards

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Trivy / Filesystem

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

CodeQL (go) / CodeQL Analysis

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Sonatype Nancy / Sonatype Nancy

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Deprecation notice: v1, v2, and v3 of the artifact actions

The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "SARIF file". Please update your workflow to use v4 of the artifact actions. Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/

Artifacts

Produced during runtime

Name	Size
SARIF file	37.2 KB