Security Scanning

Dci demo #137

Sign in to view logs

Triggered via pull request February 18, 2026 14:43

jeremi

synchronize #36

dci-demo

Status Success

Total duration 2m 26s

Artifacts –

security.yml

on: pull_request

Secret Detection (Gitleaks)

Dependency Scan

Static Analysis (Semgrep)

Container Scan (Trivy)

Annotations

6 warnings

Secret Detection (Gitleaks)

CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/

Dependency Scan

pip-audit found vulnerabilities (see output above)

Dependency Scan

Fiona/GDAL excluded (require native GDAL/libgdal-dev build dependencies)

Dependency Scan

git+https://github.com/OCA/openupgradelib.git@master

Dependency Scan

Skipping VCS/URL dependencies (cannot be audited):

Static Analysis (Semgrep)

CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/