feat: Add Security Reviewer agent for automated vulnerability assessment #23
emmanuelknafocicd.yml
on: push
Build and Publish Container Image
/
set-version
10s
Deploy Azure Infrastructure
2m 1s
Build and Publish Container Image
/
...
/
scan-image
1m 12s
Build and Deploy to Azure Web App
1m 41s
Build and Publish Container Image
/
...
/
publish-image
59s
Annotations
10 warnings and 3 notices
|
Build and Publish Container Image / scan-image / scan-image
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Build and Publish Container Image / scan-image / scan-image
Failed minimum severity level. Found vulnerabilities with level 'medium' or higher
|
|
Build and Deploy to Azure Web App
Converting null literal or possible null value to non-nullable type.
|
|
Build and Deploy to Azure Web App
Possible null reference assignment.
|
|
Build and Deploy to Azure Web App
Converting null literal or possible null value to non-nullable type.
|
|
Build and Deploy to Azure Web App
Possible null reference assignment.
|
|
Build and Deploy to Azure Web App:
src/webapp01/Pages/Index.cshtml.cs#L22
Converting null literal or possible null value to non-nullable type.
|
|
Build and Deploy to Azure Web App:
src/webapp01/Pages/Index.cshtml.cs#L22
Possible null reference assignment.
|
|
Build and Deploy to Azure Web App:
src/webapp01/Pages/Index.cshtml.cs#L22
Converting null literal or possible null value to non-nullable type.
|
|
Build and Deploy to Azure Web App:
src/webapp01/Pages/Index.cshtml.cs#L22
Possible null reference assignment.
|
|
Build and Publish Container Image / publish-image / publish-image
Snapshot successfully created at 2026-01-29T04:44:58.134Z
|
|
Build and Publish Container Image / publish-image / publish-image
{
"manifests": {},
"version": 0,
"job": {
"correlator": "publish-image",
"id": "21465945278"
},
"sha": "75e604844da1ca78282b754b63742040cfb14c2d",
"ref": "refs/heads/main",
"scanned": "2026-01-29T04:44:57.920Z",
"detector": {
"name": "spdx-to-dependency-graph-action",
"version": "0.1.1",
"url": "https://github.com/advanced-security/spdx-dependency-submission-action"
}
}
|
|
Build and Publish Container Image / publish-image / publish-image
Submitting snapshot...
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
devopsabcs-engineering~gh-advsec-devsecops~K0HHUR.dockerbuild
|
73.4 KB |
sha256:5c566e421e6102b83ccb21fae823cc0d25bce0836dd9aae5eab6fe1162b34e85
|
|
|
devopsabcs-engineering~gh-advsec-devsecops~RHAAFV.dockerbuild
|
38.4 KB |
sha256:84293122668d4bd32ae8f5ea4dd8603baa5240ef90ef97d76fb8535819f601c8
|
|
|
sarif
|
3.39 KB |
sha256:36ba6efa0a475ca54c01fc1fc2478375f85c09380b055804d87e7b869721b621
|
|