Skip to content
scans

ci: Upgrade trunk #879

Sign in to view logs

ci: Upgrade trunk

ci: Upgrade trunk #879

Triggered via pull request August 11, 2025 13:50
@yxtayyxtay
synchronize #503
trunk-io/update-trunk
Status Failure
Total duration 3m 48s
Artifacts 9

scans.yml

on: pull_request
checkov
36s
checkov
clair
46s
clair
devskim
31s
devskim
dustilock
20s
dustilock
gitleaks
18s
gitleaks
grype
42s
grype
grype-container
1m 8s
grype-container
kics
41s
kics
megalinter
2m 24s
megalinter
msdo
1m 32s
msdo
osv-scan-pr  /  osv-scan
36s
osv-scan-pr / osv-scan
syft
53s
syft
trivy-fs
39s
trivy-fs
trivy-image
1m 6s
trivy-image
trufflehog
13s
trufflehog
trunk
1m 2s
trunk
vorpal
18s
vorpal
osv-scan-push  /  osv-scan
osv-scan-push / osv-scan
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 14 warnings
grype-container
Failed minimum severity level. Found vulnerabilities with level 'high' or higher
msdo
Input required and not supplied: sarif_file
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to find merge base between 2d738bd0ef28997a99e6614e2a7762dfc095b396 and 05d771f37252b2e3695f978cf2d7ee57fd98b13b
vorpal
Unable to locate the commit sha: 63025ae2f1bf692217ef41710f6c49557fb33621
[MEDIUM] Apt Get Install Pin Version Not Defined: Dockerfile#L94
When installing a package, its pin version should be defined
[MEDIUM] Apt Get Install Pin Version Not Defined: Dockerfile#L36
When installing a package, its pin version should be defined
[MEDIUM] Apt Get Install Pin Version Not Defined: Dockerfile#L46
When installing a package, its pin version should be defined
[MEDIUM] Apt Get Install Pin Version Not Defined: Dockerfile#L94
When installing a package, its pin version should be defined

Artifacts

Produced during runtime
Name Size Digest
SARIF file Expired
588 Bytes
sha256:63b157a86a6b06fa948766cc77387a01626e319debae0502769788fca6df66ac
gitleaks-results.sarif Expired
6.64 KB
sha256:70473c5e5fa4428ab5743780287b10d9c2ab52ce4ca54a54692c2102f74fd747
megalinter-reports Expired
636 KB
sha256:b5a4b8226d0b4fb385e26e047b123791eb26194ee7620d92a3b2d686076b1286
new-json-results Expired
241 Bytes
sha256:bf7b5df4a35a62309aa238a7dddd15516e5b3ae28caedaaeb6caa0e2348d430d
old-json-results Expired
241 Bytes
sha256:8ecca269d7d2441714cfac99e5dcd0dc8cf971414a98417f73c55e24e9ae3599
python-example-app-syft.spdx.json Expired
18.2 KB
sha256:34e1528f27b745fbf9187c8cbd3e341acaf15f033322435d984dc0af59e545ed
yxtay~python-example-app~QR41GE.dockerbuild Expired
19.2 KB
sha256:5dc47d74f84b4045ba48723be1889687c364eca78d1a0669dd844b6b4fae3f1e
yxtay~python-example-app~R89L5L.dockerbuild Expired
18.6 KB
sha256:543247c26f2f3c5ca6a58a1665066c71016d6e23f49321fce51ce24303ee7216
yxtay~python-example-app~SVPXFS.dockerbuild Expired
20.5 KB
sha256:2a3a48d3e18290da68428c425a4aa9d6e31dc7ee881f55ceaf430c4c124795ca