Kics #316
HariSekhonAnnotations
2 errors and 11 warnings
|
Kics / Kics Scan
CodeQL Action major versions v1 and v2 have been deprecated. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/
|
|
Kics / Kics Scan
KICS scan failed with exit code 50
|
|
Kics / Kics Scan
Node.js 20 is deprecated. The following actions target Node.js 20 but are being forced to run on Node.js 24: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/presto-dev-docker-compose.yml#L17
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/elasticsearch-elastic.co-docker-compose.yml#L17
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/registry-docker-compose.yml#L18
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/presto-docker-compose.yml#L17
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/elasticsearch-docker-compose.yml#L17
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/apache-drill-docker-compose.yml#L17
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/apache-drill-docker-compose.yml#L29
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[MEDIUM] Container Capabilities Unrestricted:
tests/docker/hbase-docker-compose.yml#L17
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
|
[HIGH] Serverless Function Without Unique IAM Role:
gcp_cloud_function_sql_export/serverless.yml#L119
Serverless Function should not share IAM Role to ensure it will have the minimum privileges needed to perform the required tasks
|
|
[HIGH] Passwords And Secrets - Generic Password:
ambari_blueprints/hostmappings-hdfs-yarn-hbase-ha.json#L3
Query to find passwords and secrets in infrastructure code.
|