Skip to content
Infrastructure Security Scan (local repository)

chore(deps-dev): bump the auto-tagger-dev group in /auto-tagger with 3 updates [#patch] #223

Sign in to view logs

chore(deps-dev): bump the auto-tagger-dev group in /auto-tagger with 3 updates [#patch]

chore(deps-dev): bump the auto-tagger-dev group in /auto-tagger with 3 updates [#patch] #223

Triggered via pull request October 27, 2024 11:55
@notdodonotdodo
synchronize #91
dependabot/pip/auto-tagger/auto-tagger-dev-dbe2aaae80
Status Failure
Total duration 39s
Artifacts

local-kics.yml

on: pull_request
infra-scan  /  Scan with Kics
27s
infra-scan / Scan with Kics
infra-scan  /  Check Makefile
8s
infra-scan / Check Makefile
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 3 warnings
infra-scan / Check Makefile
Process completed with exit code 2.
infra-scan / Scan with Kics
KICS scan failed with exit code 40
[MEDIUM] Unpinned Package Version in Pip Install: auto-tagger/Dockerfile#L18
Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
[LOW] Multiple RUN, ADD, COPY, Instructions Listed: auto-tagger/Dockerfile#L31
Multiple commands (RUN, COPY, ADD) should be grouped in order to reduce the number of layers.
[LOW] Pip install Keeping Cached Packages: auto-tagger/Dockerfile#L18
When installing packages with pip, the '--no-cache-dir' flag should be set to make Docker images smaller