Skip to content

test pr codescan

test pr codescan #91

Triggered via pull request December 20, 2023 07:22
@Duan-0916Duan-0916
reopened #5
Status Failure
Total duration 2m 40s
Artifacts

main.yml

on: pull_request_target
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 8 warnings
stc
检测到当前应用使用了不安全版本的组件com.google.code.gson:gson 文件: http://github.com/xuqiu/alipay-test/blob/main/pom.xml 细节/建议: 具体pom依赖情况如下: <groupId>com.google.code.gson</groupId> <artifactId>[H[gson]H]</artifactId> <version>2.8.0</version> 对应的修复版本为: <version>2.8.9</version>
stc
检测到当前应用使用了不安全版本的组件org.apache.logging.log4j:log4j-core 文件: http://github.com/xuqiu/alipay-test/blob/main/pom.xml 细节/建议: 具体pom依赖情况如下: <groupId>org.apache.logging.log4j</groupId> <artifactId>[H[log4j-core]H]</artifactId> <version>2.13.3</version> 对应的修复版本为: <version>2.15.0</version>
stc
详情请查看:https://devops.cloud.alipay.com/project/19500036/27600249/pipeline/details 请加入钉钉群
sca
Unexpected input(s) 'cachePullPushPolicy', valid inputs are ['parent_uid', 'private_key', 'scan_type', 'tips']
sca
详情请查看:https://devops.cloud.alipay.com/project/19500036/27600248/pipeline/details
sca
请注意, 您的代码 src/main/java/org/corgi/consumer/sourcedownload/utils/tar/Octal.java 与 开源项目 qpython-android/qpython:v2.2.4-CN 的文件: https://github.com/qpython-android/qpython/blob/v2.2.4-CN/qpysdk/src/main/java/org/qpython/qpysdk/jtar/Octal.java 相似度: 100
sca
请注意, 您的代码 src/main/java/org/corgi/consumer/sourcedownload/utils/tar/TarEntry.java 与 开源项目 renpy/rapt:renpy-7.1.0.817 的文件: https://github.com/renpy/rapt/blob/renpy-7.1.0.817/project/renpyandroid/src/main/java/org/kamranzafar/jtar/TarEntry.java 相似度: 100
sca
请注意, 您的代码 src/main/java/org/corgi/consumer/sourcedownload/utils/tar/TarHeader.java 与 开源项目 renpy/rapt:renpy-7.1.1.920 的文件: https://github.com/renpy/rapt/blob/renpy-7.1.1.920/project/renpyandroid/src/main/java/org/kamranzafar/jtar/TarHeader.java 相似度: 91
sca
请注意, 您的代码 src/main/java/org/corgi/consumer/sourcedownload/utils/tar/TarInputStream.java 与 开源项目 renpy/rapt:renpy-7.1.0.818 的文件: https://github.com/renpy/rapt/blob/renpy-7.1.0.818/project/renpyandroid/src/main/java/org/kamranzafar/jtar/TarInputStream.java 相似度: 100
sca
请注意, 您的代码 src/main/java/org/corgi/consumer/sourcedownload/utils/tar/TarOutputStream.java 与 开源项目 renpy/rapt:renpy-7.3.2.320 的文件: https://github.com/renpy/rapt/blob/renpy-7.3.2.320/project/renpyandroid/src/main/java/org/kamranzafar/jtar/TarOutputStream.java 相似度: 100