Skip to content
Security Testing

Add Golang SAST and SCA checks #2

Sign in to view logs

Add Golang SAST and SCA checks

Add Golang SAST and SCA checks #2

Re-run triggered July 26, 2024 15:14
@esimkowitzesimkowitz
#733
kamushadenes:feat/security_tests
Status Failure
Total duration 1m 16s
Artifacts

security.yml

on: pull_request
Perform SAST analysis (golangci-lint)
1m 4s
Perform SAST analysis (golangci-lint)
Perform SCA analysis (govulncheck)
30s
Perform SCA analysis (govulncheck)
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 6 warnings
Perform SCA analysis (govulncheck)
shellapi.GetLocalZshMajorVersion calls sync.Once.Do, which eventually calls http.CanonicalHeaderKey
Perform SCA analysis (govulncheck)
utilfn.DetectMimeType calls io.ReadAtLeast, which calls http.bodyEOFSignal.Read
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2ErrCode.String
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2FrameType.String
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2Setting.String
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2SettingID.String
Perform SCA analysis (govulncheck)
packet.DefaultUPR.UnknownPacket calls fmt.Fprintf, which eventually calls http.http2chunkWriter.Write
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2duplicatePseudoHeaderError.Error
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2headerFieldNameError.Error
Perform SCA analysis (govulncheck)
packet.PacketSender.SendMessageFmt calls fmt.Sprintf, which eventually calls http.http2headerFieldValueError.Error
Perform SCA analysis (govulncheck)
Restore cache failed: Dependencies file is not found in /home/runner/work/waveterm/waveterm. Supported file pattern: go.sum
Perform SAST analysis (golangci-lint)
Unexpected input(s) 'skip-pkg-cache', 'skip-build-cache', valid inputs are ['version', 'install-mode', 'working-directory', 'github-token', 'only-new-issues', 'skip-cache', 'skip-save-cache', 'problem-matchers', 'args', 'cache-invalidation-interval']
Perform SAST analysis (golangci-lint)
Restore cache failed: Dependencies file is not found in /home/runner/work/waveterm/waveterm. Supported file pattern: go.sum
Perform SAST analysis (golangci-lint)
Unexpected input(s) 'skip-pkg-cache', 'skip-build-cache', valid inputs are ['version', 'install-mode', 'working-directory', 'github-token', 'only-new-issues', 'skip-cache', 'skip-save-cache', 'problem-matchers', 'args', 'cache-invalidation-interval']
Perform SAST analysis (golangci-lint)
Unexpected input(s) 'skip-pkg-cache', 'skip-build-cache', valid inputs are ['version', 'install-mode', 'working-directory', 'github-token', 'only-new-issues', 'skip-cache', 'skip-save-cache', 'problem-matchers', 'args', 'cache-invalidation-interval']
Perform SAST analysis (golangci-lint)
Unexpected input(s) 'skip-pkg-cache', 'skip-build-cache', valid inputs are ['version', 'install-mode', 'working-directory', 'github-token', 'only-new-issues', 'skip-cache', 'skip-save-cache', 'problem-matchers', 'args', 'cache-invalidation-interval']