KICS #635
Annotations
12 warnings
Analyze
The following actions uses Node.js version which is deprecated and will be forced to run on node20: github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
Analyze
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
[MEDIUM] Array Without Maximum Number of Items (v3):
docs/api/negotiation_controller.yml#L44
Array schema should have the field 'maxItems' set
|
[MEDIUM] Array Without Maximum Number of Items (v3):
docs/api/negotiation_controller.yml#L84
Array schema should have the field 'maxItems' set
|
[MEDIUM] Array Without Maximum Number of Items (v3):
docs/api/negotiation_controller.yml#L36
Array schema should have the field 'maxItems' set
|
[MEDIUM] Array Without Maximum Number of Items (v3):
docs/api/negotiation_controller.yml#L76
Array schema should have the field 'maxItems' set
|
[MEDIUM] Array Without Maximum Number of Items (v3):
docs/api/negotiation_controller.yml#L52
Array schema should have the field 'maxItems' set
|
[MEDIUM] Array Without Maximum Number of Items (v3):
docs/api/negotiation_controller.yml#L22
Array schema should have the field 'maxItems' set
|
[MEDIUM] Container Capabilities Unrestricted:
frontend/docker-compose.yml#L3
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
[MEDIUM] Container Capabilities Unrestricted:
backend/docker-compose.yaml#L3
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
|
[MEDIUM] Container Running With Low UID:
charts/country-risk/templates/deployment-frontend.yaml#L58
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] Container Traffic Not Bound To Host Interface:
backend/docker-compose.yaml#L5
Incoming container traffic should be bound to a specific host interface
|