Docker vulnerability scan #677
Annotations
3 warnings
|
Docker vulnerability scan
Unexpected input(s) 'security-checks', valid inputs are ['entryPoint', 'args', 'scan-type', 'image-ref', 'input', 'scan-ref', 'exit-code', 'ignore-unfixed', 'vuln-type', 'severity', 'format', 'template', 'output', 'skip-dirs', 'skip-files', 'cache-dir', 'timeout', 'ignore-policy', 'hide-progress', 'list-all-pkgs', 'scanners', 'trivyignores', 'artifact-type', 'github-pat', 'trivy-config', 'tf-vars', 'limit-severities-for-sarif', 'docker-host']
|
|
The following actions use a deprecated Node.js version and will be forced to run on node20: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355, aws-actions/amazon-ecr-login@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Login to ECR
Your docker password is not masked. See https://github.com/aws-actions/amazon-ecr-login#docker-credentials for more information. The default value of the 'mask-password' input has changed from 'false' to 'true' in the v2 release. See https://github.com/aws-actions/amazon-ecr-login/issues/526 for more information.
|
Loading