ci: fix astral-sh/setup-uv version comment tags to match v8.0.0 SHA #28
dependabot[bot]integration-tests.yml
on: pull_request
Matrix: integration-test
Validate results
9s
Annotations
26 errors, 42 warnings, and 9 notices
|
Test 12
Process completed with exit code 1.
|
|
Test 12
Process completed with exit code 1.
|
|
Test 12:
integration-tests/cases/12-uv-flat-bandit-only/app.py#L5
[B602] subprocess call with shell=True identified, security issue.
|
|
Test 03
Process completed with exit code 1.
|
|
Test 03
Process completed with exit code 1.
|
|
Test 03:
integration-tests/cases/03-requirements-multi-both/src/processor.py#L8
[B602] subprocess call with shell=True identified, security issue.
|
|
Test 02
Process completed with exit code 1.
|
|
Test 02
Process completed with exit code 1.
|
|
Test 02:
integration-tests/cases/02-requirements-src-bandit/src/app.py#L8
[B602] subprocess call with shell=True identified, security issue.
|
|
Test 06
Process completed with exit code 1.
|
|
Test 06
Process completed with exit code 1.
|
|
Test 06:
integration-tests/cases/06-uv-multi-bandit/scripts/digest.py#L8
[B324] Use of weak MD5 hash for security. Consider usedforsecurity=False
|
|
Test 14
Process completed with exit code 1.
|
|
Test 14
Process completed with exit code 1.
|
|
Test 05
Process completed with exit code 1.
|
|
Test 05
Process completed with exit code 1.
|
|
Test 13
Process completed with exit code 1.
|
|
Test 13
Process completed with exit code 1.
|
|
Test 10
Process completed with exit code 1.
|
|
Test 10
Process completed with exit code 1.
|
|
Test 10:
integration-tests/cases/10-pipenv-multi-bandit/src/handler.py#L8
[B602] subprocess call with shell=True identified, security issue.
|
|
Test 10:
integration-tests/cases/10-pipenv-multi-bandit/scripts/deploy.py#L8
[B602] subprocess call with shell=True identified, security issue.
|
|
Test 08
Process completed with exit code 1.
|
|
Test 08
Process completed with exit code 1.
|
|
Test 08:
integration-tests/cases/08-poetry-src-both/src/auth.py#L8
[B324] Use of weak MD5 hash for security. Consider usedforsecurity=False
|
|
Validate results
Process completed with exit code 1.
|
|
Test 03
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 03
pip-audit: cryptography@38.0.0 — PYSEC-2024-225 (fix: 42.0.4)
|
|
Test 03
pip-audit: cryptography@38.0.0 — PYSEC-2024-225 (fix: 42.0.4)
|
|
Test 03
pip-audit: cryptography@38.0.0 — PYSEC-2023-254 (fix: 41.0.6)
|
|
Test 03
pip-audit: cryptography@38.0.0 — PYSEC-2023-254 (fix: 41.0.6)
|
|
Test 03
pip-audit: cryptography@38.0.0 — PYSEC-2023-11 (fix: 39.0.1)
|
|
Test 03
pip-audit: requests@2.25.0 — CVE-2026-25645 (fix: 2.33.0)
|
|
Test 03
pip-audit: requests@2.25.0 — CVE-2024-47081 (fix: 2.32.4)
|
|
Test 03
pip-audit: requests@2.25.0 — CVE-2024-35195 (fix: 2.32.0)
|
|
Test 03
pip-audit: requests@2.25.0 — PYSEC-2023-74 (fix: 2.31.0)
|
|
Test 03
pip-audit: requests@2.25.0 — PYSEC-2023-74 (fix: 2.31.0)
|
|
Test 11
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 04
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 02
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 06
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-unknown-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 06
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 06:
integration-tests/cases/06-uv-multi-bandit/src/parser.py#L8
[B506] Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load().
|
|
Test 09
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 05
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-unknown-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 05
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 05
pip-audit: urllib3@1.26.20 — CVE-2025-66471 (fix: 2.6.0)
|
|
Test 05
pip-audit: urllib3@1.26.20 — CVE-2025-66418 (fix: 2.6.0)
|
|
Test 05
pip-audit: urllib3@1.26.20 — CVE-2025-50181 (fix: 2.5.0)
|
|
Test 05
pip-audit: requests@2.25.0 — CVE-2026-25645 (fix: 2.33.0)
|
|
Test 05
pip-audit: requests@2.25.0 — CVE-2024-47081 (fix: 2.32.4)
|
|
Test 05
pip-audit: requests@2.25.0 — CVE-2024-35195 (fix: 2.32.0)
|
|
Test 05
pip-audit: requests@2.25.0 — PYSEC-2023-74 (fix: 2.31.0)
|
|
Test 05
pip-audit: requests@2.25.0 — PYSEC-2023-74 (fix: 2.31.0)
|
|
Test 05
pip-audit: idna@2.10 — PYSEC-2024-60 (fix: 3.7)
|
|
Test 05
pip-audit: idna@2.10 — PYSEC-2024-60 (fix: 3.7)
|
|
Test 13
Failed to save: Unable to reserve cache with key setup-uv-2-x86_64-unknown-linux-gnu-ubuntu-24.04-3.13-pruned-5d2745ca726c7ba62f3a0ab16a94c41d3331bca3487da9a124cec7e5da040638, another job may be creating this cache.
|
|
Test 13
pip-audit: pygments@2.19.2 — CVE-2026-4539 (fix: 2.20.0)
|
|
Test 08
pip-audit: cryptography@38.0.0 — GHSA-jm77-qphf-c4w8 (fix: 41.0.3)
|
|
Test 08
pip-audit: cryptography@38.0.0 — GHSA-5cpq-8wj7-hf2v (fix: 41.0.0)
|
|
Test 08
pip-audit: cryptography@38.0.0 — CVE-2023-0286 (fix: 39.0.1)
|
|
Test 08
pip-audit: cryptography@38.0.0 — GHSA-39hc-v87j-747x (fix: 38.0.3)
|
|
Test 08
pip-audit: cryptography@38.0.0 — PYSEC-2023-11 (fix: 39.0.1)
|
|
Test 08
pip-audit: cryptography@38.0.0 — PYSEC-2024-225 (fix: 42.0.4)
|
|
Test 08
pip-audit: cryptography@38.0.0 — PYSEC-2024-225 (fix: 42.0.4)
|
|
Test 08
pip-audit: cryptography@38.0.0 — PYSEC-2023-254 (fix: 41.0.6)
|
|
Test 08
pip-audit: cryptography@38.0.0 — PYSEC-2023-254 (fix: 41.0.6)
|
|
Test 08
pip-audit: cryptography@38.0.0 — PYSEC-2023-11 (fix: 39.0.1)
|
|
Test 12:
integration-tests/cases/12-uv-flat-bandit-only/app.py#L2
[B404] Consider possible security implications associated with the subprocess module.
|
|
Test 03:
integration-tests/cases/03-requirements-multi-both/src/processor.py#L2
[B404] Consider possible security implications associated with the subprocess module.
|
|
Test 03:
integration-tests/cases/03-requirements-multi-both/scripts/run.py#L7
[B105] Possible hardcoded password: 'hardcoded_db_pass'
|
|
Test 02:
integration-tests/cases/02-requirements-src-bandit/src/app.py#L14
[B105] Possible hardcoded password: 'supersecret123'
|
|
Test 02:
integration-tests/cases/02-requirements-src-bandit/src/app.py#L2
[B404] Consider possible security implications associated with the subprocess module.
|
|
Test 14:
integration-tests/cases/14-uv-low-threshold/app.py#L4
[B101] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
|
|
Test 10:
integration-tests/cases/10-pipenv-multi-bandit/src/handler.py#L2
[B404] Consider possible security implications associated with the subprocess module.
|
|
Test 10:
integration-tests/cases/10-pipenv-multi-bandit/scripts/deploy.py#L2
[B404] Consider possible security implications associated with the subprocess module.
|
|
Test 08:
integration-tests/cases/08-poetry-src-both/src/auth.py#L14
[B105] Possible hardcoded password: 'dev_secret_token_abc123'
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
security-audit-01
|
941 Bytes |
sha256:80d66b6cf82ff7744fc7c803cdb4d785a86fd277af7fc04e46a98f5b1a185646
|
|
|
security-audit-02
|
1.73 KB |
sha256:8fdf575ef4ea2d67a75a2571cb0efe5801268dc9068d9ee21a8e2efe12ffa661
|
|
|
security-audit-03
|
9.88 KB |
sha256:e85c8a4f25a076f8f74c0db00f3fc726e51fcd919d0a10713d8144d4043ceefe
|
|
|
security-audit-04
|
563 Bytes |
sha256:e29e4e6aae20efa25ba9a85aff06bd1fe7b05f2227476324287b2c4ba665e48d
|
|
|
security-audit-05
|
5.9 KB |
sha256:fdc7939bb7f3f756a31747e9c86779c20423f3acbb4e089f040a1b2f36eafc31
|
|
|
security-audit-06
|
1.16 KB |
sha256:cfb7c863f49aaf8e871479a2f956c7813dd35bd73f12257f2bcfd7dfa0db2cf0
|
|
|
security-audit-07
|
922 Bytes |
sha256:459b4ab38bf6c7e5b122019fe4c4f5dcec6feed3085ae491e940db7a6eb49741
|
|
|
security-audit-08
|
9.63 KB |
sha256:b5f7cc5146b0ca6d911450624376acc86085da98ac6c0eac98b9895885d206fb
|
|
|
security-audit-09
|
938 Bytes |
sha256:30bad08032a255ba196c8d641ca7964c9cf08281906c7a6c7aef403a6561a31f
|
|
|
security-audit-10
|
1.54 KB |
sha256:87189a507aa3a330faf944236811a97a7013f773729b1b28c4b2a7298bfda590
|
|
|
security-audit-11
|
853 Bytes |
sha256:a7d47d5bd119e5494f235eb6d6aad41b7ec0c17001f6d1446c7cddac5336c6bd
|
|
|
security-audit-12
|
1.17 KB |
sha256:4d5186a009465712367cb524eb1ed0793172753921e394db629e98f339759461
|
|
|
security-audit-13
|
1.17 KB |
sha256:e4708fbe5d404be613d6b966f3099748cb395a5b6182ab89a243c710f881db8d
|
|
|
security-audit-14
|
1019 Bytes |
sha256:33d5908f17d368517d6143f62f7d7b2959feaf953783ec6e189938278c5b59e6
|
|
|
test-outcome-01
|
146 Bytes |
sha256:07949397973352af7a668da38c3ac2eae745c2adbcf06f375db1b40ab3608756
|
|
|
test-outcome-02
|
146 Bytes |
sha256:9f4f190f2194c0f3674d7d06cc89db12af650509068656ba134a38b8cf39f852
|
|
|
test-outcome-03
|
146 Bytes |
sha256:4f159f8e12ce6b9c021ebd9a90879f530be6f8a6f1d4341020d0cf5d03bc83a6
|
|
|
test-outcome-04
|
146 Bytes |
sha256:59577fab44da242c4a230ce8dd786abd6cfcf30c1cff690f9b439327dc366c20
|
|
|
test-outcome-05
|
146 Bytes |
sha256:5adc3cfddd71b0ab6c3f872d4978d83b4d10a7399b13bee7b0aa1cc41644859c
|
|
|
test-outcome-06
|
146 Bytes |
sha256:4f159f8e12ce6b9c021ebd9a90879f530be6f8a6f1d4341020d0cf5d03bc83a6
|
|
|
test-outcome-07
|
146 Bytes |
sha256:69111d6126ed027e171be3979b2781b2aabaf67bbc19c0524e4c53a6a348c2b2
|
|
|
test-outcome-08
|
146 Bytes |
sha256:fbc838aa6ad9748fd43fd1f7441baedf4f1cbd7696bbf9a3cb3b2c20e9e76b06
|
|
|
test-outcome-09
|
146 Bytes |
sha256:f79fc857ed9c59f6362e8ea2b82a595d36a6ef598360a9edfa07535c434c6488
|
|
|
test-outcome-10
|
146 Bytes |
sha256:96cbc7121660ca5eb69c33b82ae395cd8645b15488ade4ef79c8a08062f776db
|
|
|
test-outcome-11
|
146 Bytes |
sha256:f79fc857ed9c59f6362e8ea2b82a595d36a6ef598360a9edfa07535c434c6488
|
|
|
test-outcome-12
|
146 Bytes |
sha256:b23f64d627be81028b5dd1137dff125a4616d5f4a31a8e43ee8214a59254d292
|
|
|
test-outcome-13
|
146 Bytes |
sha256:5adc3cfddd71b0ab6c3f872d4978d83b4d10a7399b13bee7b0aa1cc41644859c
|
|
|
test-outcome-14
|
146 Bytes |
sha256:9f4f190f2194c0f3674d7d06cc89db12af650509068656ba134a38b8cf39f852
|
|