Security Scan #172
security-scan.yml
on: schedule
Matrix: CodeQL Security Analysis
Dependency Vulnerability Scan: 47s
Static Application Security Testing: 1m 1s
Container Security Scan: 22s
License Compliance Check: 9s
Generate Security Report: 5s
Annotations
12 warnings
Container Security Scan
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
Static Application Security Testing:
src/SharedKernel/Extensions/LoggingExtensions.cs#L127
The behavior of 'LoggerSinkConfiguration.Console([LogEventLevel],
Static Application Security Testing:
src/SharedKernel/Extensions/LoggingExtensions.cs#L123
The behavior of 'LoggerSinkConfiguration.Debug([LogEventLevel],
Static Application Security Testing:
src/Aspire/ServiceDefaults/Extensions.cs#L70
'Microsoft.AspNetCore.Http.PathString.StartsWithSegments(Microsoft.AspNetCore.Http.PathString)' has a method overload that takes a 'StringComparison' parameter. Replace this call in 'HeadStart.Aspire.ServiceDefaults.Extensions.ConfigureOpenTelemetry<TBuilder>(TBuilder)' with a call to 'Microsoft.AspNetCore.Http.PathString.StartsWithSegments(Microsoft.AspNetCore.Http.PathString, System.StringComparison)' for clarity of intent. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307)
Static Application Security Testing:
src/Aspire/ServiceDefaults/Extensions.cs#L69
'Microsoft.AspNetCore.Http.PathString.StartsWithSegments(Microsoft.AspNetCore.Http.PathString)' has a method overload that takes a 'StringComparison' parameter. Replace this call in 'HeadStart.Aspire.ServiceDefaults.Extensions.ConfigureOpenTelemetry<TBuilder>(TBuilder)' with a call to 'Microsoft.AspNetCore.Http.PathString.StartsWithSegments(Microsoft.AspNetCore.Http.PathString, System.StringComparison)' for clarity of intent. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1307)
Static Application Security Testing:
src/SharedKernel.Models/Extensions/DescriptionAttributeExtensions.cs#L29
Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1860)
Static Application Security Testing:
src/SharedKernel.Models/Extensions/DescriptionAttributeExtensions.cs#L35
Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1860)
Static Application Security Testing:
src/SharedKernel.Models/Extensions/DescriptionAttributeExtensions.cs#L13
Prefer comparing 'Length' to 0 rather than using 'Any()', both for clarity and for performance (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1860)
Static Application Security Testing:
src/SharedKernel.Models/NavigationMenu/MenuSectionModel.cs#L7
Change 'SectionItems' to be read-only by removing the property setter (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227)
Static Application Security Testing:
src/SharedKernel.Models/NavigationMenu/MenuSectionItemModel.cs#L12
Change 'MenuItems' to be read-only by removing the property setter (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227)
Static Application Security Testing:
src/SharedKernel.Models/Models/Authorization/UserInfo.cs#L7
Change 'Claims' to be read-only by removing the property setter (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2227)
CodeQL Security Analysis (csharp)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/