issue-21: actualisation de l'environnement de dev et maj des dépendances #27

Merged
mlamalle merged 4 commits from issue-21 into develop 2023-12-14 11:07:41 +01:00
Owner
  • Mise à jour du docker-compose.yaml pour utiliser symfony containers
    • Mise à jour des variables d'environnement
    • Mise à jour des ports
    • Mise à jour des volumes
  • Mise à jour des données de tests
    • Les données de tests étaient non fonctionnelles, mise à jour avec des nouveaux hash de mot de passe
  • Mise à jour des dépendances
    • composer.lock
    • package-lock.json
  • Mise à jour du readme.md
  • Mise à jour de la méthode verify de PasswordEncoder
    • Ne fonctionnait pas avec les algo SSHA et SHA256
      • Vérifie en priorité les hash commençant par {SSHA} avec la méthode custom de vérification des mots de passe LDAP
      • Essaye une vérification par la méthode password_verify de PHP permettant de vérifier les mots de passe générés par php avec des algorithmes modernes.
      • En fallback, essaie de vérifier le mot de passe en utilisant chaque algorithme compatible avec la méthode hash de php
- Mise à jour du docker-compose.yaml pour utiliser symfony containers - Mise à jour des variables d'environnement - Mise à jour des ports - Mise à jour des volumes - Mise à jour des données de tests - Les données de tests étaient non fonctionnelles, mise à jour avec des nouveaux hash de mot de passe - Mise à jour des dépendances - composer.lock - package-lock.json - Mise à jour du readme.md - Mise à jour de la méthode `verify` de PasswordEncoder - Ne fonctionnait pas avec les algo `SSHA` et `SHA256` - Vérifie en priorité les hash commençant par `{SSHA}` avec la méthode custom de vérification des mots de passe LDAP - Essaye une vérification par la méthode `password_verify` de PHP permettant de vérifier les mots de passe générés par php avec des algorithmes modernes. - En fallback, essaie de vérifier le mot de passe en utilisant chaque algorithme compatible avec la méthode `hash` de php
vcarroy added 1 commit 2023-12-13 15:58:36 +01:00
issue-21: actualisation de l'env de dev et maj dépendances
Some checks reported warnings
Cadoles/hydra-sql/pipeline/head This commit is unstable
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable
341a1ecd87
Owner

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 0
Skipped 0
Failed 1
Error 0

Total duration: 0s

See details
Status Name Class
src/Security/Hasher/PasswordEncoder

Errors

`src/Security/Hasher/PasswordEncoder`

Output

applied fixers:
---------------
* single_space_around_construct
* no_superfluous_phpdoc_tags
* phpdoc_trim_consecutive_blank_line_separation```

</details>





# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 0 | | Skipped | 0 | | Failed | 1 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10799; | `src/Security/Hasher/PasswordEncoder` || </details> <br /> #### Errors <details> <summary>`src/Security/Hasher/PasswordEncoder`</summary> **Output** ``` applied fixers: --------------- * single_space_around_construct * no_superfluous_phpdoc_tags * phpdoc_trim_consecutive_blank_line_separation``` </details>
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.13-pr27.1552.341a1ec (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.13-pr27.1552.341a1ec (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2023.12.13-pr27.1552.341a1ec (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2023.12.13-pr27.1552.341a1ec (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
mlamalle changed title from issue-21: actualisation de l'environnement de dev et maj des dépendances to WIP: issue-21: actualisation de l'environnement de dev et maj des dépendances 2023-12-13 16:05:11 +01:00
mlamalle added 1 commit 2023-12-14 10:25:33 +01:00
correction phpstan
Some checks reported warnings
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable
b5de7ee873
Owner

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.14-pr27.1025.b5de7ee (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.14-pr27.1025.b5de7ee (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2023.12.14-pr27.1025.b5de7ee (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2023.12.14-pr27.1025.b5de7ee (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
mlamalle added 1 commit 2023-12-14 10:57:33 +01:00
maj readme et correction env var
Some checks reported warnings
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable
3be77eabf5
Owner

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.14-pr27.1057.3be77ea (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.14-pr27.1057.3be77ea (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2023.12.14-pr27.1057.3be77ea (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2023.12.14-pr27.1057.3be77ea (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
mlamalle added 1 commit 2023-12-14 11:07:27 +01:00
maj gitignore
Some checks are pending
Cadoles/hydra-sql/pipeline/pr-develop Build started...
6ec21e4677
mlamalle changed title from WIP: issue-21: actualisation de l'environnement de dev et maj des dépendances to issue-21: actualisation de l'environnement de dev et maj des dépendances 2023-12-14 11:07:30 +01:00
mlamalle merged commit 740a7569e4 into develop 2023-12-14 11:07:41 +01:00
mlamalle deleted branch issue-21 2023-12-14 11:07:43 +01:00
Owner

Symfony Security Check Report

No packages have known vulnerabilities.

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= No packages have known vulnerabilities. Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
Owner

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
Owner

Rapport PHPStan


 [OK] No errors                                                                 


## Rapport PHPStan ``` [OK] No errors ```
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.14-pr27.1107.6ec21e4 (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.14-pr27.1107.6ec21e4 (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
Owner

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
Owner

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2023.12.14-pr27.1107.6ec21e4 (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2023.12.14-pr27.1107.6ec21e4 (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Cadoles/hydra-sql#27
No description provided.