Skip to content
PR Build

fix(security): Prevent command injection in ProcessBuilder call #3

Sign in to view logs

fix(security): Prevent command injection in ProcessBuilder call

fix(security): Prevent command injection in ProcessBuilder call #3

Triggered via pull request August 21, 2025 08:48
@kirangodishalakirangodishala
opened #3
fix/command-injection-processbuilder-7a9x2k
Status Success
Total duration 28m 11s
Artifacts 3

pr.yml

on: pull_request
build
28m 7s
build
Fit to window
Zoom out
Zoom in

Annotations

2 warnings
Sensitive data should not be used in the ARG or ENV commands: Dockerfile.slim#L10
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ECR_TOKEN_VERSION") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
Sensitive data should not be used in the ARG or ENV commands: Dockerfile.slim#L10
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ECR_TOKEN_VERSION") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Artifacts

Produced during runtime
Name Size Digest
kirangodishala~clouddriver~54HXR8.dockerbuild
71.2 KB
sha256:5558c88e75f1b81e87ca396a127fb106746af785f844b0c55bb25af899f9bf76
kirangodishala~clouddriver~FAPY0N.dockerbuild
432 KB
sha256:6f66f08153cb9ec17ab94ec05ac68ac4d3dbc99b0cb94e05f1eb2d159f1a9b14
kirangodishala~clouddriver~SK4EL4.dockerbuild
27.8 KB
sha256:2fe69288bca91cf59376932e664208d1320261314fbdf31b7e3380dbacfb52e4