Skip to content
This repository was archived by the owner on Jan 12, 2026. It is now read-only.

new

e93baee
Select commit
Loading
Failed to load commit list.
Open

New branch #26

new
e93baee
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis required action Jul 28, 2025 in 0s

8 new issues (0 max.) of at least minor severity.

Annotations

Check warning on line 30 in .github/workflows/cd.yml

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

.github/workflows/cd.yml#L30

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.

Check warning on line 40 in .github/workflows/cd.yml

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

.github/workflows/cd.yml#L40

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.

Check warning on line 24 in .github/workflows/cloudrunner.yml

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

.github/workflows/cloudrunner.yml#L24

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.

Check warning on line 29 in .github/workflows/cloudrunner.yml

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

.github/workflows/cloudrunner.yml#L29

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.

Check warning on line 41 in .github/workflows/cloudrunner.yml

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

.github/workflows/cloudrunner.yml#L41

An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.

Check warning on line 24 in Dockerfile

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

Dockerfile#L24

Pin versions in pip. Instead of `pip install <package>` use `pip install <package>==<version>` or `pip install --requirement <requirements file>`

Check warning on line 25 in entrypoint.sh

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

entrypoint.sh#L25

Double quote to prevent globbing and word splitting.

Check warning on line 4 in requirements.txt

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

requirements.txt#L4

Insecure dependency pypi/jinja2@3.0.3 (CVE-2024-22195: jinja2: HTML attribute injection when passing user input as keys to xmlattr filter) (update to 3.1.3)