Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP Reset to 2.42.0 #13

Open
wants to merge 18 commits into
base: devel
Choose a base branch
from
Open

WIP Reset to 2.42.0 #13

wants to merge 18 commits into from

Conversation

sonicWhale
Copy link

No description provided.

@guardrails
Copy link

guardrails bot commented May 11, 2023

⚠️ We detected 22 security issues in this pull request:

Hard-Coded Secrets (4)
Severity Details Docs
Medium Title: Hex High Entropy String
"b005741528b86F5952469d80A8614591E3c5B632": {
📚
Medium Title: Hex High Entropy String
"446AA6E0DC65690403dF3F127750da1322941F3e": {
📚
Medium Title: Hex High Entropy String
"9fB29AAc15b9A4B7F17c3385939b007540f4d791": {
📚
Medium Title: Hex High Entropy String
"37B8516a0F88E65D677229b402ec6C1e0E333004": {
📚

More info on how to fix Hard-Coded Secrets in General.


Vulnerable Libraries (17)
Severity Details
N/A pkg:golang/github.com/ledgerwatch/[email protected]@v0.0.0-20230330024812-ae99e29d013b - no patch available
N/A pkg:golang/google.golang.org/[email protected]@v1.54.0 - no patch available
N/A pkg:golang/modernc.org/[email protected]@v1.21.1 - no patch available
N/A pkg:golang/github.com/prometheus/[email protected]@v1.14.0 - no patch available
N/A pkg:golang/github.com/99designs/[email protected]@v0.17.27 - no patch available
N/A pkg:golang/github.com/consensys/[email protected]@v0.10.0 - no patch available
N/A pkg:golang/github.com/protolambda/[email protected]@v0.2.2 - no patch available
N/A pkg:golang/github.com/grpc-ecosystem/[email protected]@v1.4.0 - no patch available
N/A pkg:golang/github.com/btcsuite/btcd/btcec/[email protected]@v2.3.2 - no patch available
N/A pkg:golang/github.com/dop251/[email protected]@v0.0.0-20230122112309-96b1610dd4f7 - no patch available
N/A pkg:golang/github.com/libp2p/[email protected]@v0.26.2 - no patch available
N/A pkg:golang/github.com/bnb-chain/[email protected]@v0.1.0 - no patch available
N/A pkg:golang/github.com/cometbft/[email protected]@v0.37.1 - no patch available
N/A pkg:golang/github.com/libp2p/[email protected]@v0.9.3 - no patch available
N/A pkg:golang/github.com/crate-crypto/[email protected]@v0.0.0-20230405223534-4364e2f9d209 - no patch available
N/A pkg:golang/github.com/shirou/gopsutil/[email protected]@v3.23.3 - no patch available
N/A pkg:golang/github.com/prysmaticlabs/prysm/[email protected]@v4.0.3 - no patch available

More info on how to fix Vulnerable Libraries in Go.


Insecure Network Communication (1)
Severity Details Docs
Medium Title: Insecure SSL/TLS versions allowed
InsecureSkipVerify: insecure, //nolint:gosec
📚

More info on how to fix Insecure Network Communication in Go.


👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@avinashbo avinashbo changed the title Reset to 2.42.0 WIP Reset to 2.42.0 May 12, 2023
@github-actions
Copy link

This PR is stale because it has been open for 40 days with no activity.

@github-actions github-actions bot added the Stale label Jun 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

Successfully merging this pull request may close these issues.

9 participants