brakeman-sast

Passed Started 1 year ago by
1Running with gitlab-runner 16.1.0~beta.5.gf131a6a2 (f131a6a2)
2  on blue-3.private.runners-manager.gitlab.com/gitlab.com/gitlab-org 6io2xoDD, system ID: s_8f94f7760223
3  feature flags: FF_NETWORK_PER_BUILD:true, FF_USE_FASTZIP:true, FF_USE_IMPROVED_URL_MASKING:true
 4  Resolving secrets  
  00:00
 5  Preparing the "docker+machine" executor  
  00:06
6Using Docker executor with image registry.gitlab.com/security-products/brakeman:4 ...
7Authenticating with credentials from job payload (GitLab Registry)
8Pulling docker image registry.gitlab.com/security-products/brakeman:4 ...
9Using docker image sha256:7e5fc988df67efc10c7dda8cddd7190500fd0d571a7389bbf96f31ff6ac32832 for registry.gitlab.com/security-products/brakeman:4 with digest registry.gitlab.com/security-products/brakeman@sha256:624a25dd1ca27a32f40357cf8f55dd5b80ae8194df8e270144ff6390261019dc ...
 10  Preparing environment  
  00:02
11Running on runner-6io2xodd-project-278964-concurrent-0 via runner-6io2xodd-private-1685679521-582905aa...
 12  Getting source from Git repository  
  00:27
13Fetching changes with git depth set to 20...
14Initialized empty Git repository in /builds/gitlab-org/gitlab/.git/
15Created fresh repository.
16remote: Enumerating objects: 139970, done.        
17remote: Counting objects: 100% (139970/139970), done.        
18remote: Compressing objects: 100% (94736/94736), done.        
19remote: Total 139970 (delta 61223), reused 92025 (delta 39894), pack-reused 0        
20Receiving objects: 100% (139970/139970), 123.36 MiB | 32.11 MiB/s, done.
21Resolving deltas: 100% (61223/61223), done.
22From https://git-us-east1-c.ci-gateway.int.gprd.gitlab.net:8989/gitlab-org/gitlab
23 * [new ref]             refs/pipelines/887306308 -> refs/pipelines/887306308
24Checking out 95754c79 as detached HEAD (ref is refs/merge-requests/122015/merge)...
25Skipping Git submodules setup
26$ git remote set-url origin "${CI_REPOSITORY_URL}"
 27  Executing "step_script" stage of the job script  
  07:59
28Using docker image sha256:7e5fc988df67efc10c7dda8cddd7190500fd0d571a7389bbf96f31ff6ac32832 for registry.gitlab.com/security-products/brakeman:4 with digest registry.gitlab.com/security-products/brakeman@sha256:624a25dd1ca27a32f40357cf8f55dd5b80ae8194df8e270144ff6390261019dc ...
29$ /analyzer run
30[INFO] [Brakeman] [2023-06-02T06:10:58Z] ▶ GitLab Brakeman analyzer v4.0.1
31[INFO] [Brakeman] [2023-06-02T06:10:58Z] ▶ Detecting project
32[INFO] [Brakeman] [2023-06-02T06:10:58Z] ▶ Analyzer found a supported project at path: "/builds/gitlab-org/gitlab". Files in this path will be scanned.
33[INFO] [Brakeman] [2023-06-02T06:10:58Z] ▶ Running analyzer
34[INFO] [Brakeman] [2023-06-02T06:14:59Z] ▶ Creating report
35[INFO] [2023-06-02T06:14:59Z] ▶ /builds/gitlab-org/gitlab/gl-sast-report-post.json written
36[INFO] [VET] [2023-06-02T06:14:59Z] ▶ GitLab VET analyzer vnot-configured
37[INFO] [VET] [2023-06-02T06:14:59Z] ▶ memory (8GB physical, 8GB usable)
38[INFO] [VET] [2023-06-02T06:14:59Z] ▶ Model: AMD EPYC 7B12
39  details: cpu (1 physical package, 1 core, 2 hardware threads)
40WARNING: failed to parse the partuuid of /dev/sda1
41WARNING: failed to parse the partuuid of /dev/sda12
42WARNING: failed to parse the partuuid of /dev/sda3
43WARNING: failed to parse the partuuid of /dev/sda8
44[INFO] [VET] [2023-06-02T06:14:59Z] ▶ Disk name: dm-0, controller: Unknown
45[INFO] [VET] [2023-06-02T06:14:59Z] ▶ Disk name: md0, controller: Unknown
46[INFO] [VET] [2023-06-02T06:14:59Z] ▶ Disk name: sda, controller: HDD
47████████████████████████████████████████████████
48███  ████  █████  ██  █    █      ██    ██    ██
49██    ██    ████  ██  █ ██████  ████ ████████ ██
50█            ███  ██  █    ███  ████ ███  ███ ██
51██          ████  ██  █ ██████  ████ ████████ ██
52████      ███████    ██    ███  ████    ██    ██
53██████  ████████████████████████████████████████
54████████████████████████████████████████████████
55[//vet import --src /builds/gitlab-org/gitlab --store /builds/gitlab-org/gitlab/vetstore]
56[INFO] [VET] [2023-06-02T06:14:59Z] ▶ Vet Import Process Starting...
57[INFO] [VET] [2023-06-02T06:17:51Z] ▶ 
58Import time 171.895484 seconds
59[INFO] [VET] [2023-06-02T06:17:51Z] ▶ VET import complete
60[INFO] [VET] [2023-06-02T06:17:51Z] ▶ GitLab VET analyzer vnot-configured
61[INFO] [VET] [2023-06-02T06:17:51Z] ▶ memory (8GB physical, 8GB usable)
62[INFO] [VET] [2023-06-02T06:17:51Z] ▶ Model: AMD EPYC 7B12
63  details: cpu (1 physical package, 1 core, 2 hardware threads)
64WARNING: failed to parse the partuuid of /dev/sda1
65WARNING: failed to parse the partuuid of /dev/sda12
66WARNING: failed to parse the partuuid of /dev/sda3
67WARNING: failed to parse the partuuid of /dev/sda8
68[INFO] [VET] [2023-06-02T06:17:51Z] ▶ Disk name: dm-0, controller: Unknown
69[INFO] [VET] [2023-06-02T06:17:51Z] ▶ Disk name: md0, controller: Unknown
70[INFO] [VET] [2023-06-02T06:17:51Z] ▶ Disk name: sda, controller: HDD
71████████████████████████████████████████████████
72███  ████  █████  ██  █    █      ██    ██    ██
73██    ██    ████  ██  █ ██████  ████ ████████ ██
74█            ███  ██  █    ███  ████ ███  ███ ██
75██          ████  ██  █ ██████  ████ ████████ ██
76████      ███████    ██    ███  ████    ██    ██
77██████  ████████████████████████████████████████
78████████████████████████████████████████████████
79[//vet verify --reportIn /builds/gitlab-org/gitlab/gl-sast-report.json --reportOut /builds/gitlab-org/gitlab/gl-sast-report-post.json --store /builds/gitlab-org/gitlab/vetstore --config /verify/brakeman.toml]
80[INFO] [VET] [2023-06-02T06:17:52Z] ▶ Run stencils
81[INFO] [VET] [2023-06-02T06:17:52Z] ▶ coala: script: (slice { :dir "<-", :kind [ :tree ] } {  :name [ "validates" ] , :kind [ :call ] } (nodes {  :name [ "URI::MailTo:EMAIL_REGEXP" ]  } store))
82iterator
83[INFO] [VET] [2023-06-02T06:17:52Z] ▶ coala: script: (slice { :dir "<-", :kind [ :tree ] } {  :name [ "exec" "match" ] , :kind [ :call ] } (nodes {  :type [ :lit ]  } store))
84iterator
85[INFO] [VET] [2023-06-02T06:17:53Z] ▶ Augment report
86[INFO] [VET] [2023-06-02T06:18:57Z] ▶ Report augmented within 64.301069 seconds
87[INFO] [VET] [2023-06-02T06:18:57Z] ▶ /builds/gitlab-org/gitlab/gl-sast-report-post.json written
 88  Uploading artifacts for successful job  
  00:04
89Uploading artifacts...
90gl-sast-report.json: found 1 matching artifact files and directories 
91WARNING: Upload request redirected                  location=https://gitlab.com/api/v4/jobs/4400964049/artifacts?artifact_format=zip&artifact_type=archive&expire_in=1+week new-url=https://gitlab.com
92WARNING: Retrying...                                context=artifacts-uploader error=request redirected
93Uploading artifacts as "archive" to coordinator... 201 Created  id=4400964049 responseStatus=201 Created token=64_9j_KC
94Uploading artifacts...
95gl-sast-report.json: found 1 matching artifact files and directories 
96WARNING: Upload request redirected                  location=https://gitlab.com/api/v4/jobs/4400964049/artifacts?artifact_format=raw&artifact_type=sast&expire_in=1+week new-url=https://gitlab.com
97WARNING: Retrying...                                context=artifacts-uploader error=request redirected
98Uploading artifacts as "sast" to coordinator... 201 Created  id=4400964049 responseStatus=201 Created token=64_9j_KC
 99  Cleaning up project directory and file based variables  
  00:01
100Job succeeded
Tags: gitlab-org
Job artifacts
The artifacts were removed 1 year ago
Commit 95754c79 in !122015
Merge branch 'ci-minutes-to-compute-2' into 'master'
Related jobs

brakeman-sast
code_quality
docs code_quality
docs-lint links
docs-lint markdown
eslint
eslint as-if-foss
feature-flags-usage
generate-apollo-graphql-schema
generate-apollo-graphql-schema as-if-foss
haml-lint
haml-lint ee
ping-appsec-for-sast-findings
rubocop
secret_detection
semgrep-appsec-custom-rules
semgrep-sast
static-analysis 1/2
static-analysis 2/2
static-verification-with-database
ui-docs-links lint