Skip to content
[BE][FE][SECURITY] Kics

10.5.0 #1058

Sign in to view logs

10.5.0

10.5.0 #1058

Triggered via pull request February 22, 2024 13:38
@ds-mwesenerds-mwesener
opened #699
catenax-ng:main
Status Success
Total duration 56s
Artifacts

kics.yml

on: pull_request
Analyze frontend
45s
Analyze frontend
Analyze backend
45s
Analyze backend
Fit to window
Zoom out
Zoom in

Annotations

15 warnings
[MEDIUM] Global Server Object Uses HTTP: tx-backend/openapi/traceability-foss-backend.json#L13
Global server object URL should use 'https' protocol instead of 'http'
[MEDIUM] Invalid OAuth2 Token URL (v3): tx-backend/openapi/traceability-foss-backend.json#L8027
OAuth2 security scheme flow requires a valid URL in the tokenUrl field
[MEDIUM] Media Type Object Without Schema: tx-backend/openapi/traceability-foss-backend.json#L435
The Media Type Object should have the attribute 'schema' defined
[MEDIUM] Media Type Object Without Schema: tx-backend/openapi/traceability-foss-backend.json#L1670
The Media Type Object should have the attribute 'schema' defined
[MEDIUM] Media Type Object Without Schema: tx-backend/openapi/traceability-foss-backend.json#L1554
The Media Type Object should have the attribute 'schema' defined
[MEDIUM] Media Type Object Without Schema: tx-backend/openapi/traceability-foss-backend.json#L548
The Media Type Object should have the attribute 'schema' defined
[MEDIUM] Response on operations that should not have a body has declared content (v3): tx-backend/openapi/traceability-foss-backend.json#L594
If a response is head or its code is 204 or 304, it shouldn't have a content defined
[INFO] Invalid Media Type Value (v3): tx-backend/openapi/traceability-foss-backend.json#L4567
The Media Type value should match the following format: <type>/<subtype>[+suffix][;parameters]
[INFO] Operation Without Successful HTTP Status Code (v3): tx-backend/openapi/traceability-foss-backend.json#L2659
Operation Object should have at least one successful HTTP status code defined
[INFO] Unknown Prefix (v3): tx-backend/openapi/traceability-foss-backend.json#L4567
The media type prefix should be set as 'application', 'audio', 'font', 'example', 'image', 'message', 'model', 'multipart', 'text' or 'video'
[MEDIUM] Healthcheck Not Set: frontend/cypress/docker-compose.yml#L24
Check containers periodically to see if they are running properly.
[MEDIUM] Host Namespace is Shared: frontend/docker-compose.yml#L45
The hosts process namespace should not be shared by containers
[MEDIUM] Host Namespace is Shared: frontend/cypress/docker-compose.yml#L24
The hosts process namespace should not be shared by containers
[MEDIUM] Networks Not Set: frontend/cypress/docker-compose.yml#L24
Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers.
[MEDIUM] Shared Host Network Namespace: frontend/cypress/docker-compose.yml#L35
Container should not share the host network namespace