Skip to content
CI

chore(deps): bump github/codeql-action from 3.28.13 to 4.36.0 #76

Sign in to view logs

chore(deps): bump github/codeql-action from 3.28.13 to 4.36.0

chore(deps): bump github/codeql-action from 3.28.13 to 4.36.0 #76

Triggered via pull request May 25, 2026 04:28
@dependabotdependabot[bot]
opened #34
dependabot/github_actions/github/codeql-action-4.36.0
Status Failure
Total duration 57s
Artifacts

ci.yml

on: pull_request
Test
54s
Test
Lint
34s
Lint
Security
49s
Security
Fit to window
Zoom out
Zoom in

Annotations

21 errors
Lint: internal/graph/graph.go#L406
QF1012: Use fmt.Fprintf(...) instead of WriteString(fmt.Sprintf(...)) (staticcheck)
Lint: internal/graph/graph.go#L384
QF1012: Use fmt.Fprintf(...) instead of WriteString(fmt.Sprintf(...)) (staticcheck)
Lint: internal/graph/graph.go#L362
QF1012: Use fmt.Fprintf(...) instead of WriteString(fmt.Sprintf(...)) (staticcheck)
Lint: internal/audit/audit.go#L233
QF1008: could remove embedded field "Time" from selector (staticcheck)
Lint: internal/audit/audit.go#L232
QF1008: could remove embedded field "Time" from selector (staticcheck)
Lint: cmd/map.go#L199
QF1003: could use tagged switch on node.Risk (staticcheck)
Lint: cmd/map.go#L144
ineffectual assignment to prefix (ineffassign)
Lint: cmd/map.go#L172
G306: Expect WriteFile permissions to be 0600 or less (gosec)
Lint: cmd/audit.go#L170
G306: Expect WriteFile permissions to be 0600 or less (gosec)
Lint: internal/graph/github.go#L181
File is not properly formatted (goimports)
Security
graph.GitHubGraphBuilder.addDeployKeys calls github.RepositoriesService.ListByOrg, which eventually calls url.Parse
Security
k8s.Scanner.ScanPath calls filepath.WalkDir, which eventually calls os.ReadDir
Security
graph.GitHubGraphBuilder.addDeployKeys calls github.RepositoriesService.ListByOrg, which eventually calls tls.Dialer.DialContext
Security
output.WriteOCSF calls bufio.Writer.Write, which calls tls.Conn.Write
Security
bundle.hashFile calls io.Copy, which eventually calls tls.Conn.Read
Security
graph.GitHubGraphBuilder.addDeployKeys calls github.RepositoriesService.ListByOrg, which eventually calls tls.Conn.HandshakeContext
Security
graph.GitHubGraphBuilder.addDeployKeys calls github.RepositoriesService.ListByOrg, which eventually calls http.Client.Do
Security
output.WriteOCSF calls bufio.Writer.Write, which eventually calls x509.Certificate.Verify
Security
output.WriteOCSF calls bufio.Writer.Write, which eventually calls x509.Certificate.Verify
Security
graph.GitHubGraphBuilder.addDeployKeys calls github.RepositoriesService.ListByOrg, which eventually calls net.Dialer.DialContext
Test
Process completed with exit code 1.