Skip to content

Trigger Build

Trigger Build #8434

Triggered via push January 9, 2025 18:27
Status Failure
Total duration 2h 0m 28s
Artifacts
Matrix: Build
login-to-amazon-ecr
6s
login-to-amazon-ecr
Validate App Registry
29s
Validate App Registry
Unit Tests
49s
Unit Tests
Linting
1m 49s
Linting
Security Audit
38s
Security Audit
Drupal Cache Test
22m 4s
Drupal Cache Test
Run Jenkins CI
29s
Run Jenkins CI
Cypress E2E Tests
0s
Cypress E2E Tests
Get Latest Workflow Run Number
0s
Get Latest Workflow Run Number
Testing Reports
0s
Testing Reports
Matrix: Deploy
Notify Failure
0s
Notify Failure
Fit to window
Zoom out
Zoom in

Annotations

12 errors and 21 warnings
Security Audit
Security advisory: Title: qs vulnerable to Prototype Pollution Module name: qs Dependency: node-libcurl Path: node-libcurl>node-gyp>request>qs Severity: high Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
Security Audit
Security advisory: Title: tough-cookie Prototype Pollution vulnerability Module name: tough-cookie Dependency: node-libcurl Path: node-libcurl>node-gyp>request>tough-cookie Severity: moderate Details: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
Security Audit
Security advisory: Title: qs vulnerable to Prototype Pollution Module name: qs Dependency: express Path: express>qs Severity: high Details: https://github.com/advisories/GHSA-hrpp-h998-j3pp
Security Audit
Security advisory: Title: path-to-regexp outputs backtracking regular expressions Module name: path-to-regexp Dependency: express Path: express>path-to-regexp Severity: high Details: https://github.com/advisories/GHSA-9wv6-86v2-598j
Security Audit
Security advisory: Title: send vulnerable to template injection that can lead to XSS Module name: send Dependency: express Path: express>send Severity: low Details: https://github.com/advisories/GHSA-m6fv-jmcg-4jfg
Security Audit
Security advisory: Title: serve-static vulnerable to template injection that can lead to XSS Module name: serve-static Dependency: express Path: express>serve-static Severity: low Details: https://github.com/advisories/GHSA-cm22-4g7w-348p
Security Audit
Security advisory: Title: Unpatched `path-to-regexp` ReDoS in 0.1.x Module name: path-to-regexp Dependency: express Path: express>path-to-regexp Severity: moderate Details: https://github.com/advisories/GHSA-rhx6-c78j-4q9w
Security Audit
Security advisory: Title: Command Injection in moment-timezone Module name: moment-timezone Dependency: moment-timezone Path: moment-timezone Severity: low Details: https://github.com/advisories/GHSA-56x4-j7p9-fcf9
Security Audit
Security advisory: Title: Cleartext Transmission of Sensitive Information in moment-timezone Module name: moment-timezone Dependency: moment-timezone Path: moment-timezone Severity: moderate Details: https://github.com/advisories/GHSA-v78c-4p63-2j6c
Security Audit
Security advisory: Title: json-schema is vulnerable to Prototype Pollution Module name: json-schema Dependency: node-libcurl Path: node-libcurl>node-gyp>request>http-signature>jsprim>json-schema Severity: critical Details: https://github.com/advisories/GHSA-896r-f27r-55mw
Build (vagovprod)
The job running on runner MVdQOqi-0bf971c5b84b638a5 has exceeded the maximum execution time of 120 minutes.
Build (vagovprod)
The operation was canceled.
Build (vagovprod)
Your workflow is using a version of actions/cache that is scheduled for deprecation, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8. Please update your workflow to use either v3 or v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
Build (vagovstaging)
Your workflow is using a version of actions/cache that is scheduled for deprecation, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8. Please update your workflow to use either v3 or v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
Build (vagovdev)
Your workflow is using a version of actions/cache that is scheduled for deprecation, actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8. Please update your workflow to use either v3 or v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
login-to-amazon-ecr
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
login-to-amazon-ecr
Your docker password is not masked. See https://github.com/aws-actions/amazon-ecr-login#docker-credentials for more information.
Run Jenkins CI
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Validate App Registry
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Security Audit
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Unit Tests
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Linting
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Linting: config/webpack.config.js#L31
config/webpack.config.js:31:22:Use an object spread instead of `Object.assign` eg: `{ ...foo }`.
Linting: script/pr-check.js#L122
script/pr-check.js:122:7:Use array destructuring.
Linting: script/pr-check.js#L129
script/pr-check.js:129:7:Unary operator '++' used.
Linting: script/pr-check.js#L134
script/pr-check.js:134:7:Unary operator '++' used.
Linting: script/run-unit-test.js#L2
script/run-unit-test.js:2:35:Unexpected use of file extension "js" for "./run-unit-test-help.js"
Linting: script/serve.js#L2
script/serve.js:2:25:`command-line-args` import should occur before import of `./utils`
Linting: src/platform/testing/e2e/cypress/support/commands/keyboard.js#L8
src/platform/testing/e2e/cypress/support/commands/keyboard.js:8:33:Unary operator '++' used.
Linting: src/platform/testing/unit/axe-plugin.js#L1
src/platform/testing/unit/axe-plugin.js:1:18:Unexpected unnamed function.
Linting: src/platform/testing/unit/axe-plugin.js#L5
src/platform/testing/unit/axe-plugin.js:5:59:Unexpected unnamed function.
Linting: src/platform/testing/unit/renameKey.unit.spec.js#L8
src/platform/testing/unit/renameKey.unit.spec.js:8:3:Cypress E2E tests must include at least one axeCheck call. Documentation for adding checks and understanding errors can be found here: https://depo-platform-documentation.scrollhelp.site/developer-docs/A11y-Testing.1935409178.html
Drupal Cache Test
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636