Skip to content

Fix ZAP DAST scan security issues and resolve GitHub Actions workflow failures #50

Fix ZAP DAST scan security issues and resolve GitHub Actions workflow failures

Fix ZAP DAST scan security issues and resolve GitHub Actions workflow failures #50

Triggered via pull request August 2, 2025 19:23
Status Success
Total duration 9m 52s
Artifacts 3

pr-preview.yml

on: pull_request
Fit to window
Zoom out
Zoom in

Annotations

5 warnings
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals: Dockerfile#L71
JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L18
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "AZURE_KEY_VAULT_ENABLED") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L17
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "DOCKER_ENV_PASSWORD") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
Variables should be defined before their use: Dockerfile#L16
UndefinedVar: Usage of undefined variable '$argBasedVersion' More info: https://docs.docker.com/go/dockerfile/rule/undefined-var/
Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L15
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ARG_BASED_PASSWORD") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Artifacts

Produced during runtime
Name Size Digest
OWASP~wrongsecrets~MKOVTQ.dockerbuild Expired
147 KB
sha256:85a56bdee7702440987ec9082e780900d42a9dc8233944d6ff2b08ae5d0aec0b
visual-diff-pr-2121 Expired
1.72 MB
sha256:3208b6257a1ed9469d5fbdd5e0f164ba6ab5d693b57cd921d2532d35dd7edbb5
wrongsecrets-preview-pr-2121 Expired
336 MB
sha256:e3aefc74eb2608e20a9dc7a0c41dd64f7442e592fd8355d29404e0a2c951827c