:bricks: Update mirroring workflow · JetBrains/qodana-cli@c6afb49

Triggered via push May 8, 2025 11:22

tiulpin

pushed c6afb49

main

Status Success

Total duration 6m 48s

Artifacts 1

devcontainer.yml

on: push

docker

6m 38s

Annotations

1 error, 9 warnings, and 5 notices

Hardcoded passwords: .github/workflows/mirror.yml#L24

Hardcoded password detected by "Password in URL" default rule

Vulnerable declared dependency: core/go.mod#L91

Dependency go:golang.org/x/oauth2:v0.18.0 is vulnerable * [CVE-2025-22868](https://www.mend.io/vulnerability-database/CVE-2025-22868?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cmd/go.mod#L106

Dependency go:golang.org/x/crypto:v0.31.0 is vulnerable , safe version v0.34.1-0.19700101000000-7292932d45d5 * [CVE-2025-22869](https://www.mend.io/vulnerability-database/CVE-2025-22869?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cmd/go.mod#L110

Dependency go:golang.org/x/oauth2:v0.23.0 is vulnerable * [CVE-2025-22868](https://www.mend.io/vulnerability-database/CVE-2025-22868?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cli/go.mod#L112

Dependency go:golang.org/x/oauth2:v0.23.0 is vulnerable * [CVE-2025-22868](https://www.mend.io/vulnerability-database/CVE-2025-22868?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: core/go.mod#L89

Dependency go:golang.org/x/crypto:v0.31.0 is vulnerable , safe version v0.34.1-0.19700101000000-7292932d45d5 * [CVE-2025-22869](https://www.mend.io/vulnerability-database/CVE-2025-22869?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: platform/go.mod#L61

Dependency go:golang.org/x/oauth2:v0.18.0 is vulnerable * [CVE-2025-22868](https://www.mend.io/vulnerability-database/CVE-2025-22868?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: clang/go.mod#L108

Dependency go:golang.org/x/oauth2:v0.18.0 is vulnerable * [CVE-2025-22868](https://www.mend.io/vulnerability-database/CVE-2025-22868?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cli/go.mod#L109

Dependency go:golang.org/x/crypto:v0.31.0 is vulnerable , safe version v0.34.1-0.19700101000000-7292932d45d5 * [CVE-2025-22869](https://www.mend.io/vulnerability-database/CVE-2025-22869?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: platform/go.mod#L60

Dependency go:golang.org/x/crypto:v0.31.0 is vulnerable , safe version v0.34.1-0.19700101000000-7292932d45d5 * [CVE-2025-22869](https://www.mend.io/vulnerability-database/CVE-2025-22869?utm_source=JetBrains) 7.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cmd/go.mod#L109

Dependency go:golang.org/x/net:v0.33.0 is vulnerable , safe version v0.38.0 * [CVE-2025-22870](https://www.mend.io/vulnerability-database/CVE-2025-22870?utm_source=JetBrains) 4.4 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cmd/go.mod#L10

Dependency go:github.com/docker/docker:v25.0.6+incompatible is vulnerable , safe version v27.1.1+incompatible * [CVE-2024-36620](https://www.mend.io/vulnerability-database/CVE-2024-36620?utm_source=JetBrains) 6.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: core/go.mod#L8

Dependency go:github.com/docker/docker:v25.0.6+incompatible is vulnerable , safe version v27.1.1+incompatible * [CVE-2024-36620](https://www.mend.io/vulnerability-database/CVE-2024-36620?utm_source=JetBrains) 6.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: clang/go.mod#L41

Dependency go:github.com/docker/docker:v25.0.6+incompatible is vulnerable , safe version v27.1.1+incompatible * [CVE-2024-36620](https://www.mend.io/vulnerability-database/CVE-2024-36620?utm_source=JetBrains) 6.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Vulnerable declared dependency: cli/go.mod#L9

Dependency go:github.com/docker/docker:v25.0.6+incompatible is vulnerable , safe version v27.1.1+incompatible * [CVE-2024-36620](https://www.mend.io/vulnerability-database/CVE-2024-36620?utm_source=JetBrains) 6.5 Insufficient Information Results powered by [Mend.io](https://www.mend.io/?utm_source=JetBrains)

Artifacts

Produced during runtime

Name	Size	Digest
JetBrains~qodana-cli~YR6Y9W.dockerbuild Expired	123 KB	`sha256:4c9d230813be6890c48ae3dd02616eec0c65ca1361c70556df729054179c8a27`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🧱 Update mirroring workflow #39

Summary

🧱 Update mirroring workflow #39

Uh oh!

devcontainer.yml

Annotations

Artifacts