revert(csp): restore nonce-based style-src (drop unsafe-inline) #29
ci.yml
on: push
Install Dependencies
23s
Lint
33s
Type Check
37s
Unit Tests
1m 38s
i18n Catalogs Fresh
27s
Supply Chain (audit + SBOM)
32s
E2E (fast, fake provider)
1m 1s
PR Test Summary
Publish Kustomize Bundle
/
publish-kustomize-bundle
24s
Annotations
3 warnings
|
Supply Chain (audit + SBOM)
Node.js 20 is deprecated. The following actions target Node.js 20 but are being forced to run on Node.js 24: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L29
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "SENTRY_AUTH_TOKEN")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L26
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "SENTRY_AUTH_TOKEN")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
datum-cloud~auth-ui~T94VJY.dockerbuild
|
67.7 KB |
sha256:04c07d7dba9f9629b06251e4100b590d6f4e2c3e4cabb0418849f5546fb032e8
|
|
|
sbom-cyclonedx
|
79.2 KB |
sha256:771ae552157315246d0c33f9591361c9f9affd99ca2230ee285005158fef1aaf
|
|