chore(deps): update dependency django to v4 [security] #266
pr-open.yml
on: pull_request
Annotations
8 warnings
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L10
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "DATABASE_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L14
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "DJANGO_SECRET_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L19
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "MINIO_ACCESS_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L20
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "MINIO_SECRET_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L27
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "SSO_AUTH_HOST")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L39
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "S3_PUBLIC_ACCESS_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
backend/Dockerfile#L40
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "S3_PUBLIC_SECRET_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
backend/Dockerfile#L78
JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
bcgov~nr-gwells~OEPT7Z.dockerbuild
|
16.8 KB |
|
bcgov~nr-gwells~SFP1N9.dockerbuild
|
113 KB |
|