Fix CI: bandit pin 1.9.0→1.9.4, Go 1.23→1.25 for stdlib vuln fixes #87
ci.yml
on: push
Python Test & Lint (32s)
Shell Script Lint (5s)
Validate YAML configs (7s)
Verify action pins (6s)
Supply Chain & SBOM Verification (24s)
Security Regression Tests (13s)
Test Count Drift Check (16s)
Dependency Vulnerability Audit (25s)
Documentation Validation (6s)
Matrix: Go Build & Test
Annotations
27 errors and 8 warnings

Go Build & Test (policy-engine)
Process completed with exit code 1.

Go Build & Test (runtime-attestor)
Process completed with exit code 1.

Go Build & Test (mcp-firewall)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (registry)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (registry)
Process completed with exit code 1.

Go Build & Test (integrity-monitor)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (integrity-monitor)
Process completed with exit code 1.

Go Build & Test (gpu-integrity-watch)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (gpu-integrity-watch)
Process completed with exit code 1.

Go Build & Test (airlock)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (airlock)
The operation was canceled.

Go Build & Test (tool-firewall)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (tool-firewall)
The operation was canceled.

Go Build & Test (incident-recorder)
The strategy configuration was canceled because "go-build-and-test.runtime-attestor" failed

Go Build & Test (incident-recorder)
The operation was canceled.

Security Regression Tests
Process completed with exit code 1.

Test Count Drift Check
Process completed with exit code 1.

Dependency Vulnerability Audit
Process completed with exit code 1.

Dependency Vulnerability Audit
incident-recorder: govulncheck found vulnerabilities

Dependency Vulnerability Audit
integrity-monitor: govulncheck found vulnerabilities

Dependency Vulnerability Audit
runtime-attestor: govulncheck found vulnerabilities

Dependency Vulnerability Audit
policy-engine: govulncheck found vulnerabilities

Dependency Vulnerability Audit
mcp-firewall: govulncheck found vulnerabilities

Dependency Vulnerability Audit
gpu-integrity-watch: govulncheck found vulnerabilities

Dependency Vulnerability Audit
tool-firewall: govulncheck found vulnerabilities

Dependency Vulnerability Audit
registry: govulncheck found vulnerabilities

Dependency Vulnerability Audit
airlock: govulncheck found vulnerabilities

Security Regression Tests
Restore cache failed: Dependencies file is not found in /home/runner/work/SecAI_OS/SecAI_OS. Supported file pattern: go.mod

Test Count Drift Check
Restore cache failed: Dependencies file is not found in /home/runner/work/SecAI_OS/SecAI_OS. Supported file pattern: go.mod

Supply Chain & SBOM Verification
Restore cache failed: Dependencies file is not found in /home/runner/work/SecAI_OS/SecAI_OS. Supported file pattern: go.mod

Dependency Vulnerability Audit
Restore cache failed: Dependencies file is not found in /home/runner/work/SecAI_OS/SecAI_OS. Supported file pattern: go.mod

Python Test & Lint
services/quarantine/quarantine/watcher.py:178: [MEDIUM] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.

Python Test & Lint
services/quarantine/quarantine/pipeline.py:1437: [MEDIUM] Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.

Python Test & Lint
services/agent/agent/sandbox.py:403: [MEDIUM] Probable insecure usage of temp file/directory.

Python Test & Lint
services/agent/agent/app.py:555: [MEDIUM] Chmod setting a permissive mask 0o660 on file (sock_path).