Refactor/syn to lock #38
Lo1ntcloud_code_scan.yml
on: pull_request_target
stc
56s
sca
1m 16s
Annotations
2 errors and 1 warning
|
stc
检测到应用间接依赖了不安全版本的组件com.google.code.gson:gson
文件: http://github.com/Lo1nt/sofa-rpc/blob/refactor/syn_to_lock/config/config-apollo/pom.xml
细节/建议:
间接依赖的组件是:
<groupId>com.google.code.gson</groupId>
<artifactId>[H[gson]H]</artifactId>
间接依赖链路如下:
com.ctrip.framework.apollo:apollo-client:1.4.0->com.google.code.gson:gson:2.8.0
对应的修复版本为:
<version>2.8.9</version>
|
|
sca
read ETIMEDOUT
|
|
stc
详情请查看:https://devops.cloud.alipay.com/project/19500036/27800418/pipeline/details
|