Maj env et doc #26

Merged
mlamalle merged 1 commits from redis-sentinel into develop 2023-12-12 08:48:59 +01:00
Owner

Description

Mise à jour de la variable d'environnement REDIS_DSN et du readme

## Description Mise à jour de la variable d'environnement REDIS_DSN et du readme
mlamalle added 1 commit 2023-12-12 08:48:52 +01:00
Maj env et doc
Some checks are pending
Cadoles/hydra-sql/pipeline/head Build started...
Cadoles/hydra-sql/pipeline/pr-develop Build started...
abb1adecb7
mlamalle merged commit 72e912facb into develop 2023-12-12 08:48:59 +01:00
mlamalle deleted branch redis-sentinel 2023-12-12 08:49:02 +01:00
Owner

Symfony Security Check Report

2 packages have known vulnerabilities.

symfony/security-http (v5.4.23)

symfony/twig-bridge (v5.4.22)

  • CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= 2 packages have known vulnerabilities. symfony/security-http (v5.4.23) ------------------------------- * [CVE-2023-46733][]: Possible session fixation symfony/twig-bridge (v5.4.22) ----------------------------- * [CVE-2023-46734][]: Potential XSS vulnerabilities in CodeExtension filters [CVE-2023-46733]: https://symfony.com/cve-2023-46733 [CVE-2023-46734]: https://symfony.com/cve-2023-46734 Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Vérification échouée mais aucun rapport trouvé !? 🤔

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) _Vérification échouée mais aucun rapport trouvé !?_ :thinking:
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2023.12.12-pr26.847.abb1ade (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target Node.js

Vulnerabilities (9)

Package ID Severity Installed Version Fixed Version
@babel/traverse CVE-2023-45133 CRITICAL 7.20.5 7.23.2, 8.0.0-alpha.4
json5 CVE-2022-46175 HIGH 2.2.1 2.2.2, 1.0.2
postcss CVE-2023-44270 MEDIUM 8.4.20 8.4.31
semver CVE-2022-25883 MEDIUM 6.3.0 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
webpack CVE-2023-28154 CRITICAL 5.75.0 5.76.0

No Misconfigurations found

Target app/composer.lock

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
symfony/security-http CVE-2023-46733 MEDIUM v5.4.23 6.2.0, 6.3.0, 6.3.8, 5.4.31, 6.1.0
symfony/twig-bridge CVE-2023-46734 MEDIUM v5.4.22 2.2.0, 2.8.0, 3.1.0, 4.2.0, 5.1.0, 5.4.0, 6.3.0, 2.3.0, 3.4.0, 4.4.0, 5.3.0, 4.1.0, 5.2.0, 4.0.0, 4.4.51, 6.1.0, 2.4.0, 2.5.0, 3.0.0, 3.3.0, 2.1.0, 3.2.0, 6.3.8, 2.7.0, 5.4.31, 6.2.0, 2.6.0, 4.3.0

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2023.12.12-pr26.847.abb1ade (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (9)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>@babel/traverse</code></td> <td>CVE-2023-45133</td> <td>CRITICAL</td> <td>7.20.5</td> <td>7.23.2, 8.0.0-alpha.4</td> </tr> <tr> <td><code>json5</code></td> <td>CVE-2022-46175</td> <td>HIGH</td> <td>2.2.1</td> <td>2.2.2, 1.0.2</td> </tr> <tr> <td><code>postcss</code></td> <td>CVE-2023-44270</td> <td>MEDIUM</td> <td>8.4.20</td> <td>8.4.31</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>6.3.0</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>webpack</code></td> <td>CVE-2023-28154</td> <td>CRITICAL</td> <td>5.75.0</td> <td>5.76.0</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>app/composer.lock</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>symfony/security-http</code></td> <td>CVE-2023-46733</td> <td>MEDIUM</td> <td>v5.4.23</td> <td>6.2.0, 6.3.0, 6.3.8, 5.4.31, 6.1.0</td> </tr> <tr> <td><code>symfony/twig-bridge</code></td> <td>CVE-2023-46734</td> <td>MEDIUM</td> <td>v5.4.22</td> <td>2.2.0, 2.8.0, 3.1.0, 4.2.0, 5.1.0, 5.4.0, 6.3.0, 2.3.0, 3.4.0, 4.4.0, 5.3.0, 4.1.0, 5.2.0, 4.0.0, 4.4.51, 6.1.0, 2.4.0, 2.5.0, 3.0.0, 3.3.0, 2.1.0, 3.2.0, 6.3.8, 2.7.0, 5.4.31, 6.2.0, 2.6.0, 4.3.0</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Cadoles/hydra-sql#26
No description provided.