Skip to content

test#49

Closed
mm-kgi wants to merge 3 commits intodevelopfrom
main
Closed

test#49
mm-kgi wants to merge 3 commits intodevelopfrom
main

Conversation

@mm-kgi
Copy link
Contributor

@mm-kgi mm-kgi commented Feb 13, 2026

No description provided.

@github-advanced-security
Copy link

github-advanced-security bot commented Feb 13, 2026

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 13, 2026
View reviewed changes
source/AAS.TwinEngine.Plugin.TestPlugin/Dockerfile
ARG BUILD_CONFIGURATION=Release
WORKDIR /App
COPY ["AAS.TwinEngine.Plugin.TestPlugin/", "AAS.TwinEngine.Plugin.TestPlugin/"]
RUN dotnet restore "AAS.TwinEngine.Plugin.TestPlugin/AAS.TwinEngine.Plugin.TestPlugin.csproj"

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: nugetCommand not pinned by hash
Remediation tip:
Click Remediation section below for further remediation help
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 13, 2026
View reviewed changes
example/docker-compose.yml
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwiMSlSWA6Kbemk1-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiMSlSWA6Kbemk1&open=AZw0XwiMSlSWA6Kbemk1">SonarQube Cloud</a></p>
example/docker-compose.yml
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwiMSlSWA6Kbemk2-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiMSlSWA6Kbemk2&open=AZw0XwiMSlSWA6Kbemk2">SonarQube Cloud</a></p>
source/AAS.TwinEngine.Plugin.TestPlugin/Example/docker-compose.yml
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwheSlSWA6Kbemjl-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwheSlSWA6Kbemjl&open=AZw0XwheSlSWA6Kbemjl">SonarQube Cloud</a></p>
source/AAS.TwinEngine.Plugin.TestPlugin/Example/docker-compose.yml
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwheSlSWA6Kbemjm-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwheSlSWA6Kbemjm&open=AZw0XwheSlSWA6Kbemjm">SonarQube Cloud</a></p>
.github/workflows/codeql.yml
schedule:
- cron: '30 19 * * 0'

permissions: read-all

Check notice

Code scanning / SonarCloud

Read-all and Write-all permissions should not be used

<!--SONAR_ISSUE_KEY:AZw0XwiZSlSWA6Kbemk4-->Replace "read-all" with specific permissions (e.g., "contents: read"). <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiZSlSWA6Kbemk4&open=AZw0XwiZSlSWA6Kbemk4">SonarQube Cloud</a></p>
.github/workflows/scorecard.yml
branches: [ "main" ]

# Declare default permissions as read only.
permissions: read-all

Check notice

Code scanning / SonarCloud

Read-all and Write-all permissions should not be used

<!--SONAR_ISSUE_KEY:AZw0XwiSSlSWA6Kbemk3-->Replace "read-all" with specific permissions (e.g., "contents: read"). <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiSSlSWA6Kbemk3&open=AZw0XwiSSlSWA6Kbemk3">SonarQube Cloud</a></p>
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 13, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
1.1% Duplication on New Code

See analysis details on SonarQube Cloud

@mm-kgi mm-kgi closed this Feb 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mm-kgi @mm-rer

Comments