2021-08-26T15:03:37.2041236Z ┏━━━━━━━━━━━━━━━━━━━━━━━━┓
2021-08-26T15:03:37.2042671Z ┃ 1/6 system information ┃
2021-08-26T15:03:37.2043451Z ┗━━━━━━━━━━━━━━━━━━━━━━━━┛
2021-08-26T15:03:37.2043773Z
2021-08-26T15:03:37.2044513Z versions - semgrep 0.62.0 on Python 3.9.6
2021-08-26T15:03:37.2045655Z environment - running in environment github-actions, triggering event is 'pull_request'
2021-08-26T15:03:37.2046768Z scan mode - diff (reporting only new issues)
2021-08-26T15:03:37.2047634Z Semgrep App - logged in as deployment #1
2021-08-26T15:03:37.2048052Z
2021-08-26T15:03:37.2048651Z ┏━━━━━━━━━━━━━━━━━━━━━━━━┓
2021-08-26T15:03:37.2049266Z ┃ 2/6 rules ┃
2021-08-26T15:03:37.2049900Z ┗━━━━━━━━━━━━━━━━━━━━━━━━┛
2021-08-26T15:03:37.2056732Z
2021-08-26T15:03:37.2057797Z policy - Web Apps, XSS audit
2021-08-26T15:03:37.2058623Z rules - loaded 852 semgrep rules
2021-08-26T15:03:37.2059676Z inventory - collecting inventory data with 542 code asset inventory rules
2021-08-26T15:03:37.2060198Z
2021-08-26T15:03:37.2060816Z ┏━━━━━━━━━━━━━━━━━━━━━━━━┓
2021-08-26T15:03:37.2061659Z ┃ 3/6 target files ┃
2021-08-26T15:03:37.2062323Z ┗━━━━━━━━━━━━━━━━━━━━━━━━┛
2021-08-26T15:03:37.2062629Z
2021-08-26T15:03:37.2063529Z ignore patterns - .semgrepignore found, added Semgrep App's ignore patterns
2021-08-26T15:03:37.2064853Z git status - checked out HEAD ref 5c1f11cac9c4f3b5ed4c4d2ab2d6400d47758a4c
2021-08-26T15:03:37.2065593Z
2021-08-26T15:03:37.2066193Z will report findings introduced by these commits:
2021-08-26T15:03:37.2066834Z * 5c1f11c update tests
2021-08-26T15:03:37.2067612Z * 7cb1b1d Change terminology to use sign in and sign out instead of login or log in and logout or log out
2021-08-26T15:03:37.2068200Z
2021-08-26T15:03:37.2068933Z candidate paths - 11 paths changed in PR #79
2021-08-26T15:03:37.2069843Z ignored paths - 3 paths discarded by ignore patterns
2021-08-26T15:03:37.2070718Z target paths - scanning 8 files
2021-08-26T15:03:37.2071095Z
2021-08-26T15:03:37.2071670Z ┏━━━━━━━━━━━━━━━━━━━━━━━━┓
2021-08-26T15:03:37.2072286Z ┃ 4/6 scan ┃
2021-08-26T15:03:37.2072931Z ┗━━━━━━━━━━━━━━━━━━━━━━━━┛
2021-08-26T15:03:37.2073231Z
2021-08-26T15:03:37.2073857Z ==> starting current scan…
2021-08-26T15:03:37.2074209Z
2021-08-26T15:03:37.2074981Z current findings - 3 rule issues, 52 inventory findings
2021-08-26T15:03:37.2075811Z ignored findings - 1 rule issue
2021-08-26T15:03:37.2076185Z
2021-08-26T15:03:37.2076820Z ==> starting baseline scan…
2021-08-26T15:03:37.2077163Z
2021-08-26T15:03:37.2078148Z git status - switching to baseline commit 757ac4e937a04f8d01d9069b576f6a56b78d6a1d
2021-08-26T15:03:37.2079327Z target paths - scanning 3 files that had current issues
2021-08-26T15:03:37.2080298Z baseline findings - 2 rule issues, 52 inventory findings
2021-08-26T15:03:37.2080761Z
2021-08-26T15:03:37.2081616Z ┏━━━━━━━━━━━━━━━━━━━━━━━━┓
2021-08-26T15:03:37.2082283Z ┃ 5/6 blocking findings ┃
2021-08-26T15:03:37.2082945Z ┗━━━━━━━━━━━━━━━━━━━━━━━━┛
2021-08-26T15:03:37.2083245Z
2021-08-26T15:03:37.2084212Z javascript-debugger - [javascript] [lang] [best-practice] [leftover_debugging]
2021-08-26T15:03:37.2085102Z > frontend/src/screens/auth/auth.ts:194
2021-08-26T15:03:37.2085766Z ╷
2021-08-26T15:03:37.2086353Z 194│ debugger;
2021-08-26T15:03:37.2086931Z ╵
2021-08-26T15:03:37.2087528Z = found debugger call; should this be in production code?
2021-08-26T15:03:37.2087989Z
2021-08-26T15:03:37.2088489Z ==> not printing 24 audit findings
2021-08-26T15:03:37.2089100Z ==> not printing 52 inventory findings
2021-08-26T15:03:37.2089495Z
2021-08-26T15:03:37.2090091Z ┏━━━━━━━━━━━━━━━━━━━━━━━━┓
2021-08-26T15:03:37.2090861Z ┃ 6/6 scan report ┃
2021-08-26T15:03:37.2091537Z ┗━━━━━━━━━━━━━━━━━━━━━━━━┛
2021-08-26T15:03:37.2091771Z
2021-08-26T15:03:37.2092092Z ==> by rule ID
2021-08-26T15:03:37.2092352Z
2021-08-26T15:03:37.2092869Z ▮ blocking finding ▯ audit finding
2021-08-26T15:03:37.2093166Z
2021-08-26T15:03:37.2093833Z 45x styled-component-inject… ▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯…
2021-08-26T15:03:37.2094543Z 5x javascript-debugger ▮▮▮▮▮
2021-08-26T15:03:37.2095169Z 3x no-console-log ▮▮▮
2021-08-26T15:03:37.2095779Z 2x react-dangerouslyset ▯▯
2021-08-26T15:03:37.2096410Z 2x sql-string-format ▮▮
2021-08-26T15:03:37.2097000Z 1x flask-debug-flag ▯
2021-08-26T15:03:37.2097292Z
2021-08-26T15:03:37.2097639Z ==> by severity
2021-08-26T15:03:37.2097877Z
2021-08-26T15:03:37.2098389Z ▮ blocking finding ▯ audit finding
2021-08-26T15:03:37.2098685Z
2021-08-26T15:03:37.2099143Z 5x high ▮▮▮▮▯
2021-08-26T15:03:37.2099726Z 22x medium ▮▮▮▮▮▮▮▮▮▮▯▯▯▯▯▯▯▯▯▯▯▯
2021-08-26T15:03:37.2100308Z 64x low ▮▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯…
2021-08-26T15:03:37.2100567Z
2021-08-26T15:03:37.2100925Z ==> by rule tag
2021-08-26T15:03:37.2101437Z
2021-08-26T15:03:37.2101980Z ▮ blocking finding ▯ audit finding
2021-08-26T15:03:37.2102279Z
2021-08-26T15:03:37.2102853Z 55x best-practice ▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯…
2021-08-26T15:03:37.2103492Z 21x performance ▮▮▮▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯▯
2021-08-26T15:03:37.2104066Z 9x security ▮▮▮▮▮▮▮▮▯
2021-08-26T15:03:37.2104617Z 9x correctness ▮▯▯▯▯▯▯▯▯
2021-08-26T15:03:37.2105184Z 3x cryptography ▮▮▮
2021-08-26T15:03:37.2105705Z 2x flask ▯▯
2021-08-26T15:03:37.2106205Z 2x react ▮▮
2021-08-26T15:03:37.2106767Z 2x javascript-debugger ▮▮
2021-08-26T15:03:37.2107372Z 1x permissions ▯
2021-08-26T15:03:37.2107641Z
2021-08-26T15:03:37.2108095Z ==> see more data about your findings on Semgrep App
2021-08-26T15:03:37.2108425Z
2021-08-26T15:03:37.2109195Z https://semgrep.dev/manage/findings?repo=returntocorp/semgrep-app
2021-08-26T15:03:37.2109799Z
2021-08-26T15:03:37.2110190Z ==> exiting with failing status