[06 Jan 2025 12:19:29,0442] PIPELINE-SCAN INFO: Pipeline Scan Tool Version 24.12.1-0. [06 Jan 2025 12:19:29,0456] PIPELINE-SCAN INFO: Loading policy file Alfresco_Default.json [06 Jan 2025 12:19:29,0459] PIPELINE-SCAN INFO: Successfully retrieved the policy [06 Jan 2025 12:19:29,0459] PIPELINE-SCAN INFO: Policy name: Alfresco Default [06 Jan 2025 12:19:29,0459] PIPELINE-SCAN INFO: CWE filter: [06 Jan 2025 12:19:29,0459] PIPELINE-SCAN INFO: Severity filter: 3, 4, 5, [06 Jan 2025 12:19:29,0460] PIPELINE-SCAN INFO: Beginning scanning of 'distribution/target/alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip'. [06 Jan 2025 12:19:29,0463] PIPELINE-SCAN INFO: Sending 123117212 bytes to the server for analysis. [06 Jan 2025 12:20:08,0812] PIPELINE-SCAN INFO: Upload complete. [06 Jan 2025 12:20:08,0812] PIPELINE-SCAN INFO: Scan ID: 702e50d5-e4fb-49bf-8769-56acf4e3b6f7 [06 Jan 2025 12:20:09,0056] PIPELINE-SCAN INFO: Analysis Started. =========================== Found 6 Scannable modules. =========================== alfresco-hxinsight-connector-bulk-ingester-1.0.2-SNAPSHOT-app.jar alfresco-hxinsight-connector-hxinsight-extension-1.0.2-SNAPSHOT.jar alfresco-hxinsight-connector-live-ingester-1.0.2-SNAPSHOT-app.jar alfresco-hxinsight-connector-prediction-applier-1.0.2-SNAPSHOT-app.jar JS files within spring-security-web-6.4.2.jar JS files within alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip [06 Jan 2025 12:22:52,0709] PIPELINE-SCAN INFO: Analysis Complete. [06 Jan 2025 12:22:52,0734] PIPELINE-SCAN INFO: Analysis Results: Received 5159 bytes in 203274ms. [06 Jan 2025 12:22:52,0736] PIPELINE-SCAN INFO: Writing Raw JSON Results to file '/home/runner/work/hxinsight-connector/hxinsight-connector/results.json'. [06 Jan 2025 12:22:52,0738] PIPELINE-SCAN INFO: Applying custom severity 4 to cwe 80 [06 Jan 2025 12:22:52,0740] PIPELINE-SCAN INFO: Writing Filtered JSON Results to file '/home/runner/work/hxinsight-connector/hxinsight-connector/filtered_results.json'. Scan Summary: PIPELINE_SCAN_VERSION: 24.12.1-0 DEV-STAGE: DEVELOPMENT PROJECT-NAME: hxinsight-connector SCAN_ID: 702e50d5-e4fb-49bf-8769-56acf4e3b6f7 SCAN_STATUS: SUCCESS SCAN_MESSAGE: Scan successful. Results size: 4388 bytes ==================== Analysis Successful. ==================== ========================== Found 6 Scannable modules. ========================== alfresco-hxinsight-connector-bulk-ingester-1.0.2-SNAPSHOT-app.jar alfresco-hxinsight-connector-hxinsight-extension-1.0.2-SNAPSHOT.jar alfresco-hxinsight-connector-live-ingester-1.0.2-SNAPSHOT-app.jar alfresco-hxinsight-connector-prediction-applier-1.0.2-SNAPSHOT-app.jar JS files within spring-security-web-6.4.2.jar JS files within alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip =================== Analyzed 6 modules. =================== alfresco-hxinsight-connector-bulk-ingester-1.0.2-SNAPSHOT-app.jar alfresco-hxinsight-connector-hxinsight-extension-1.0.2-SNAPSHOT.jar alfresco-hxinsight-connector-live-ingester-1.0.2-SNAPSHOT-app.jar alfresco-hxinsight-connector-prediction-applier-1.0.2-SNAPSHOT-app.jar JS files within spring-security-web-6.4.2.jar JS files within alfresco-hxinsight-connector-distribution-1.0.2-SNAPSHOT.zip ================== Analyzed 2 issues. ================== -------------------------------- Found 1 issues of High severity. -------------------------------- CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS): org/springframework/security/spring-security-webauthn.js:199 Details: <span>This call to href() contains a cross-site scripting (XSS) flaw. The application populates the HTTP response with untrusted input, allowing an attacker to embed malicious content, such as Javascript code, which will be executed in the context of the victim's browser. XSS vulnerabilities are commonly exploited to steal or manipulate cookies, modify presentation of content, and compromise confidential information, with new attack vectors being discovered on a regular basis. </span> <span>Use contextual escaping on all untrusted

Run e2e tests using ACS 7.4.2 on Java 11

Process completed with exit code 1.

pre_commit

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (common-test)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (common)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (common-authentication)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (bulk-ingester)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build application with distribution profile (7.4.2)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Veracode - Source Clear Scan (SCA)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build application with distribution profile (7.3.2)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (hxinsight-extension)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build application with distribution profile (23.3.0)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (prediction-applier)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Build and test application (live-ingester)

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Pipeline SAST Scan

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Run e2e tests using ACS 23.3.0

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Run e2e tests using ACS 7.3.2

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Run e2e tests using ACS 7.4.2 on Java 11

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Run e2e tests using ACS 7.4.2

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Publish SNAPSHOT artifacts

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Push docker images

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Run e2e tests using ACS 7.3.2 on Java 11

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Artifacts

Produced during runtime

Name	Size
Veracode Pipeline-Scan Results	3.69 KB

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #786 from Alfresco/dependabot/github_actions/Alfre… #4733

Summary

Merge pull request #786 from Alfresco/dependabot/github_actions/Alfre… #4733

Jobs

Run details

ci.yml

Annotations

Artifacts