Scan results · a7e137f
main · 2 critical · 14 high · 59 medium · 82 low
- medium Logger Credential Leak Risk sast-engine/tools/typeshed-converter/convert.py:763
Logging call detected. Audit log statements for credential/secret leakage.
- medium Logger Credential Leak Risk sast-engine/tools/typeshed-converter/convert.py:765
Logging call detected. Audit log statements for credential/secret leakage.
- medium Logger Credential Leak Risk sast-engine/tools/typeshed-converter/convert.py:769
Logging call detected. Audit log statements for credential/secret leakage.
- medium Logger Credential Leak Risk sast-engine/tools/typeshed-converter/mro.py:129
Logging call detected. Audit log statements for credential/secret leakage.
- medium Logger Credential Leak Risk sast-engine/tools/typeshed-converter/mro.py:181
Logging call detected. Audit log statements for credential/secret leakage.
- low Missing HEALTHCHECK Instruction Dockerfile:1
No HEALTHCHECK instruction. Container health cannot be monitored by orchestrators, reducing reliability and observability.
- low Dockerfile Source Not Pinned Dockerfile:1
FROM instruction without digest pinning. Consider using @sha256:... for immutable builds.
- low Use Absolute Path in WORKDIR Dockerfile:3
WORKDIR should use absolute paths starting with /.
- low Prefer apt-get over apt Dockerfile:15
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command Dockerfile:15
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.