Skip to content

test#49

Closed
mm-kgi wants to merge 3 commits intodevelopfrom
main
Closed

test#49
mm-kgi wants to merge 3 commits intodevelopfrom
main

Conversation

@mm-kgi
Copy link
Contributor

@mm-kgi mm-kgi commented Feb 13, 2026

No description provided.

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

ARG BUILD_CONFIGURATION=Release
WORKDIR /App
COPY ["AAS.TwinEngine.Plugin.TestPlugin/", "AAS.TwinEngine.Plugin.TestPlugin/"]
RUN dotnet restore "AAS.TwinEngine.Plugin.TestPlugin/AAS.TwinEngine.Plugin.TestPlugin.csproj"

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: nugetCommand not pinned by hash
Remediation tip:
Click Remediation section below for further remediation help
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwiMSlSWA6Kbemk1-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiMSlSWA6Kbemk1&open=AZw0XwiMSlSWA6Kbemk1">SonarQube Cloud</a></p>
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwiMSlSWA6Kbemk2-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiMSlSWA6Kbemk2&open=AZw0XwiMSlSWA6Kbemk2">SonarQube Cloud</a></p>
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwheSlSWA6Kbemjl-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwheSlSWA6Kbemjl&open=AZw0XwheSlSWA6Kbemjl">SonarQube Cloud</a></p>
depends_on:
- mongo
environment:
- SPRING_DATA_MONGODB_URI=mongodb://mongoAdmin:mongoPassword@mongo:27017

Check failure

Code scanning / SonarCloud

MongoDB database passwords should not be disclosed

<!--SONAR_ISSUE_KEY:AZw0XwheSlSWA6Kbemjm-->Make sure this MongoDB password gets changed and removed from the code. <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwheSlSWA6Kbemjm&open=AZw0XwheSlSWA6Kbemjm">SonarQube Cloud</a></p>
schedule:
- cron: '30 19 * * 0'

permissions: read-all

Check notice

Code scanning / SonarCloud

Read-all and Write-all permissions should not be used

<!--SONAR_ISSUE_KEY:AZw0XwiZSlSWA6Kbemk4-->Replace "read-all" with specific permissions (e.g., "contents: read"). <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiZSlSWA6Kbemk4&open=AZw0XwiZSlSWA6Kbemk4">SonarQube Cloud</a></p>
branches: [ "main" ]

# Declare default permissions as read only.
permissions: read-all

Check notice

Code scanning / SonarCloud

Read-all and Write-all permissions should not be used

<!--SONAR_ISSUE_KEY:AZw0XwiSSlSWA6Kbemk3-->Replace "read-all" with specific permissions (e.g., "contents: read"). <p>See more on <a href="https://sonarcloud.io/project/issues?id=AAS-TwinEngine_AAS.TwinEngine.DataEngine&issues=AZw0XwiSSlSWA6Kbemk3&open=AZw0XwiSSlSWA6Kbemk3">SonarQube Cloud</a></p>
@sonarqubecloud
Copy link

@mm-kgi mm-kgi closed this Feb 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Comments