Skip to content
KICS security and vulnerability scanner

chore(deps): bump mikefarah/yq from 4.44.3 to 4.44.5 #2062

Sign in to view logs

chore(deps): bump mikefarah/yq from 4.44.3 to 4.44.5

chore(deps): bump mikefarah/yq from 4.44.3 to 4.44.5 #2062

Triggered via pull request November 18, 2024 11:07
@dependabotdependabot[bot]
opened #905
dependabot/github_actions/mikefarah/yq-4.44.5
Status Success
Total duration 1m 4s
Artifacts 1

kics.yml

on: pull_request
Analyze
48s
Analyze
Fit to window
Zoom out
Zoom in

Annotations

10 warnings
[MEDIUM] Using Unrecommended Namespace: charts/item-relationship-service/templates/configmap-spring-app-config.yaml#L26
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[MEDIUM] Using Unrecommended Namespace: charts/item-relationship-service/templates/deployment.yaml#L24
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[MEDIUM] Using Unrecommended Namespace: charts/item-relationship-service/templates/service.yaml#L25
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[LOW] Image Pull Policy Of The Container Is Not Set To Always: charts/item-relationship-service/templates/deployment.yaml#L58
Image Pull Policy of the container must be defined and set to Always
[LOW] Image Without Digest: charts/item-relationship-service/templates/deployment.yaml#L58
Images should be specified together with their digests to ensure integrity
[LOW] Missing AppArmor Profile: charts/item-relationship-service/templates/deployment.yaml#L40
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
[LOW] Pod or Container Without LimitRange: charts/item-relationship-service/templates/deployment.yaml#L23
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
[LOW] Pod or Container Without ResourceQuota: charts/item-relationship-service/templates/deployment.yaml#L23
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
[LOW] Secrets As Environment Variables: charts/item-relationship-service/templates/deployment.yaml#L73
Container should not use secrets as environment variables
[LOW] Secrets As Environment Variables: charts/item-relationship-service/templates/deployment.yaml#L73
Container should not use secrets as environment variables

Artifacts

Produced during runtime
Name Size
kicsResults.json
6.72 KB