🔖(deps): Update github/codeql-action digest to 883d858 (#853) #3159
5 new problems found by Qodana for JVM
Qodana for JVM
5 new problems were found
| Inspection name | Severity | Problems |
|---|---|---|
Vulnerable declared dependency |
🔶 Warning | 2 |
Deprecated API usage |
🔶 Warning | 1 |
Link specified as plain text |
🔶 Warning | 1 |
Vulnerable declared dependency |
◽️ Notice | 1 |
View the detailed Qodana report
To be able to view the detailed Qodana report, you can either:
- Register at Qodana Cloud and configure the action
- Use GitHub Code Scanning with Qodana
- Host Qodana report at GitHub Pages
- Inspect and use
qodana.sarif.json(see the Qodana SARIF format for details)
To get *.log files or any other Qodana artifacts, run the action with upload-result option set to true,
so that the action will upload the files as the job artifacts:
- name: 'Qodana Scan'
uses: JetBrains/[email protected]
with:
upload-result: trueContact Qodana team
Contact us at [email protected]
- Or via our issue tracker: https://jb.gg/qodana-issue
- Or share your feedback: https://jb.gg/qodana-discussions
Details
This result was published with Qodana GitHub Action
Annotations
github-actions / Qodana for JVM
Deprecated API usage
'setLenient()' is deprecated
github-actions / Qodana for JVM
Link specified as plain text
Link specified as plain text
Check warning on line 49 in github_action/pom.xml
github-actions / Qodana for JVM
Vulnerable declared dependency
Provides transitive vulnerable dependency maven:io.quarkus:quarkus-core:3.6.8
* [CVE-2024-2700](https://devhub.checkmarx.com/cve-details/CVE-2024-2700?utm_source=jetbrains&utm_medium=referral) 7.0 Exposure of Sensitive Information Through Environmental Variables vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
Check notice on line 49 in github_action/pom.xml
github-actions / Qodana for JVM
Vulnerable declared dependency
Provides transitive vulnerable dependency maven:io.netty:netty-codec-http:4.1.106.Final
* [CVE-2024-29025](https://devhub.checkmarx.com/cve-details/CVE-2024-29025?utm_source=jetbrains&utm_medium=referral) 5.3 Allocation of Resources Without Limits or Throttling vulnerability with Medium severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)
Check warning on line 49 in github_action/pom.xml
github-actions / Qodana for JVM
Vulnerable declared dependency
Provides transitive vulnerable dependency maven:io.vertx:vertx-core:4.4.6
* [CVE-2024-1023](https://devhub.checkmarx.com/cve-details/CVE-2024-1023?utm_source=jetbrains&utm_medium=referral) 7.5 Exposure of Sensitive Information to an Unauthorized Actor vulnerability with High severity found
* [CVE-2024-1300](https://devhub.checkmarx.com/cve-details/CVE-2024-1300?utm_source=jetbrains&utm_medium=referral) 5.4 Uncontrolled Resource Consumption vulnerability with Medium severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)