Skip to content

fix(ci): remediate all dependency audit advisories via overrides #22

fix(ci): remediate all dependency audit advisories via overrides

fix(ci): remediate all dependency audit advisories via overrides #22

Triggered via push June 23, 2026 11:53
Status Success
Total duration 8m 0s
Artifacts 2

ci.yml

on: push
Install Dependencies
30s
Install Dependencies
Lint
35s
Lint
Type Check
33s
Type Check
Unit Tests
2m 8s
Unit Tests
i18n Catalogs Fresh
32s
i18n Catalogs Fresh
Supply Chain (audit + SBOM)
29s
Supply Chain (audit + SBOM)
E2E (fast, fake provider)
52s
E2E (fast, fake provider)
Final Status Check
4s
Final Status Check
Publish Container Image  /  build-and-push
3m 27s
Publish Container Image / build-and-push
PR Test Summary
PR Test Summary
Publish Kustomize Bundle  /  publish-kustomize-bundle
54s
Publish Kustomize Bundle / publish-kustomize-bundle
Fit to window
Zoom out
Zoom in

Annotations

3 warnings
Supply Chain (audit + SBOM)
Node.js 20 is deprecated. The following actions target Node.js 20 but are being forced to run on Node.js 24: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L29
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "SENTRY_AUTH_TOKEN") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L26
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "SENTRY_AUTH_TOKEN") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Artifacts

Produced during runtime
Name Size Digest
datum-cloud~auth-ui~9YD1F3.dockerbuild
66.9 KB
sha256:7408ee1bc001f5917e70eb79b0f20511f23e779f1a20b469cff5b3550da7255d
sbom-cyclonedx
79.2 KB
sha256:57ae55e87b1ab94548afb6af270053f70b61b38b8319c7f70820a7d6155e8eb7