Skip to content

Security

Security #257

Triggered via schedule January 23, 2024 11:02
Status Failure
Total duration 36s
Artifacts

security.yml

on: schedule
Fit to window
Zoom out
Zoom in

Annotations

5 errors and 2 warnings
Docker Scan
Unable to process command '::set-env name=RELEASE_VERSION::' successfully.
Docker Scan
The `set-env` command is disabled. Please upgrade to using Environment Files or opt into unsecure command execution by setting the `ACTIONS_ALLOW_UNSECURE_COMMANDS` environment variable to `true`. For more information see: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
Go Scan
This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/
Go Scan
Failure invoking /opt/hostedtoolcache/CodeQL/2.15.5/x64/codeql/go/tools/autobuild.sh with arguments . Exit code 1 and error was: 2024/01/23 11:02:56 Autobuilder was built with go1.21.5, environment has go1.20.12 2024/01/23 11:02:56 LGTM_SRC is /home/runner/work/iron-redis/iron-redis 2024/01/23 11:02:56 Found go.mod, enabling go modules 2024/01/23 11:02:56 Import path is 'github.com/ironpeakservices/iron-redis' 2024/01/23 11:02:56 Build failed, continuing to install dependencies. 2024/01/23 11:02:56 Skipping dependency installation because a Go vendor directory was found. 2024/01/23 11:02:56 Running extractor command '/opt/hostedtoolcache/CodeQL/2.15.5/x64/codeql/go/tools/linux64/go-extractor [-mod=vendor ./...]' from directory 'healthcheck'. 2024/01/23 11:02:57 Build flags: '-mod=vendor'; patterns: './...' 2024/01/23 11:02:57 Running packages.Load. 2024/01/23 11:02:57 Error running go tooling: err: exit status 1: stderr: go: inconsistent vendoring in /home/runner/work/iron-redis/iron-redis/healthcheck: github.com/go-redis/[email protected]+incompatible: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/go-redis/[email protected]+incompatible To ignore the vendor directory, use -mod=readonly or -mod=mod. To sync the vendor directory, run: go mod vendor 2024/01/23 11:02:57 Extraction failed: exit status 1
Go Scan
This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/
Go Scan
The following actions uses node12 which is deprecated and will be forced to run on node16: github/codeql-action/init@v1, github/codeql-action/analyze@v1. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
Go Scan
1 issue was detected with this workflow: git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.