Bump js-yaml from 4.1.0 to 4.1.1 in /server · cornell-dti/carriage-web@8c05ff7

Triggered via pull request November 15, 2025 10:50

dependabot[bot]

opened #616

dependabot/npm_and_yarn/server/js-yaml-4.1.1

Status Success

Total duration 3m 24s

Artifacts 1

ci-container.yml

on: pull_request

build / build

3m 20s

Annotations

2 warnings

Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L15

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "REACT_APP_ENCRYPTION_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L14

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "REACT_APP_ENCRYPTION_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Artifacts

Produced during runtime

Name	Size	Digest
cornell-dti~carriage-web~QKTMDU.dockerbuild Expired	62.4 KB	`sha256:23c9541f4ddddda637359f708b6b689956a081ad3eb280694aeea331df832d6f`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump js-yaml from 4.1.0 to 4.1.1 in /server #618

Summary

Bump js-yaml from 4.1.0 to 4.1.1 in /server #618

Uh oh!

ci-container.yml

Annotations

Artifacts