Psalm Security Analysis

[stable24] fix(security): Update CA certificate bundle #31575

Sign in to view logs

Triggered via pull request January 1, 2025 02:33

nextcloud-command

opened #49998

automated/noid/stable24-update-ca-cert-bundle

Status Success

Total duration 4m 32s

Artifacts –

psalm-security.yml

on: pull_request

Annotations

11 errors and 1 warning

Psalm: apps/admin_audit/lib/Actions/Action.php#L64

Detected tainted HTML (see https://psalm.dev/245)

Psalm: apps/admin_audit/lib/Actions/Action.php#L64

Detected tainted HTML (see https://psalm.dev/245)

Psalm: apps/files_external/lib/Lib/Storage/SFTP.php#L237

Detected tainted file handling (see https://psalm.dev/255)

Psalm: apps/files_external/lib/Lib/Storage/SFTP.php#L258

Detected tainted file handling (see https://psalm.dev/255)

Psalm: apps/files_external/lib/Lib/Storage/SFTP.php#L399

Detected tainted file handling (see https://psalm.dev/255)

Psalm: apps/files_sharing/lib/Controller/ShareController.php#L686

Detected tainted cookie (see https://psalm.dev/257)

Psalm: apps/theming/lib/IconBuilder.php#L137

Detected tainted file handling (see https://psalm.dev/255)

Psalm: apps/theming/lib/IconBuilder.php#L235

Detected tainted file handling (see https://psalm.dev/255)

Psalm: core/Controller/SvgController.php#L129

Detected tainted file handling (see https://psalm.dev/255)

Psalm: lib/base.php#L203

Detected tainted header (see https://psalm.dev/256)

This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636