Skip to content
PR

chore(ci): improvements to gha workflows #12

Sign in to view logs

chore(ci): improvements to gha workflows

chore(ci): improvements to gha workflows #12

Triggered via pull request March 11, 2024 18:51
@sgammonsgammon
synchronize #7089
sgammon:chore/ci-security
Status Failure
Total duration 18m 6s
Artifacts 1

on.pr.yml

on: pull_request
Matrix: Build / build
Checks  /  Gradle Wrapper Validate
14s
Checks / Gradle Wrapper Validate
Checks  /  Dependency Graph
43s
Checks / Dependency Graph
Matrix: Checks / CodeQL Analysis
Matrix: Tests / test
Build  /  ...  /  detect-env
3s
Build / SLSA Provenance / detect-env
Build  /  Generate Docs
0s
Build / Generate Docs
Build  /  ...  /  generator
16s
Build / SLSA Provenance / generator
Build  /  ...  /  upload-assets
0s
Build / SLSA Provenance / upload-assets
Build  /  ...  /  final
0s
Build / SLSA Provenance / final
Build  /  Publish Snapshot
0s
Build / Publish Snapshot
Fit to window
Zoom out
Zoom in

Annotations

8 errors, 4 warnings, and 2 notices
Checks / Dependency Graph
HTTP Status 403 for request POST https://api.github.com/repos/google/guava/dependency-graph/snapshots
Checks / Dependency Graph
Response body: { "message": "Resource not accessible by integration", "documentation_url": "https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository" }
Checks / Dependency Graph
Resource not accessible by integration
Checks / Dependency Graph
HttpError: Resource not accessible by integration at /home/runner/work/_actions/advanced-security/maven-dependency-submission-action/bfd2106013da0957cdede0b6c39fb5ca25ae375e/node_modules/@octokit/request/dist-node/index.js:124:1 at processTicksAndRejections (node:internal/process/task_queues:95:5) at L (/home/runner/work/_actions/advanced-security/maven-dependency-submission-action/bfd2106013da0957cdede0b6c39fb5ca25ae375e/node_modules/@github/dependency-submission-toolkit/dist/index.js:6:1)
Build / SLSA Provenance / generator
Process completed with exit code 1.
Build / SLSA Provenance / generator
Input required and not supplied: path
Build / SLSA Provenance / final
Process completed with exit code 27.
Checks / CodeQL Analysis (java)
Code Scanning could not process the submitted SARIF file: CodeQL analyses from advanced configurations cannot be processed when the default setup is enabled
Build / SLSA Provenance / detect-env
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: slsa-framework/slsa-github-generator/.github/actions/[email protected]. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Build / SLSA Provenance / generator
Restore cache failed: Dependencies file is not found in /home/runner/work/guava/guava. Supported file pattern: go.sum
Build / SLSA Provenance / generator
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9, ./__BUILDER_CHECKOUT_DIR__/.github/actions/privacy-check, actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753, ./__BUILDER_CHECKOUT_DIR__/.github/actions/compute-sha256, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Checks / CodeQL Analysis (java)
1 issue was detected with this workflow: Please specify an on.push hook to analyze and see code scanning alerts from the default branch on the Security tab.
Checks / Dependency Graph
Submitting snapshot...
Checks / Dependency Graph
{ "manifests": { "guava-parent": { "resolved": { "pkg:maven/com.google.guava/[email protected]?type=jar": { "package_url": "pkg:maven/com.google.guava/[email protected]?type=jar", "relationship": "direct", "scope": "development", "dependencies": [] }, "pkg:maven/com.google.guava/[email protected]?type=jar": { "package_url": "pkg:maven/com.google.guava/[email protected]?type=jar", "relationship": "direct", "scope": "development", "dependencies": [] }, "pkg:maven/com.google.code.findbugs/[email protected]?type=jar": { "package_url": "pkg:maven/com.google.code.findbugs/[email protected]?type=jar", "relationship": "direct", "scope": "runtime", "dependencies": [] }, "pkg:maven/org.checkerframework/[email protected]?type=jar": { "package_url": "pkg:maven/org.checkerframework/[email protected]?type=jar", "relationship": "direct", "scope": "runtime", "dependencies": [] }, "pkg:maven/com.google.errorprone/[email protected]?type=jar": { "package_url": "pkg:maven/com.google.errorprone/[email protected]?type=jar", "relationship": "direct", "scope": "runtime", "dependencies": [] }, "pkg:maven/com.google.j2objc/[email protected]?type=jar": { "package_url": "pkg:maven/com.google.j2objc/[email protected]?type=jar", "relationship": "direct", "scope": "development", "dependencies": [] }, "pkg:maven/com.google.guava/guava@HEAD-jre-SNAPSHOT?type=jar": { "package_url": "pkg:maven/com.google.guava/guava@HEAD-jre-SNAPSHOT?type=jar", "relationship": "direct", "scope": "development", "dependencies": [ "pkg:maven/com.google.guava/[email protected]?type=jar", "pkg:maven/com.google.guava/[email protected]?type=jar", "pkg:maven/com.google.code.findbugs/[email protected]?type=jar", "pkg:maven/com.google.errorprone/[email protected]?type=jar", "pkg:maven/com.google.j2objc/[email protected]?type=jar", "pkg:maven/com.google.guava/[email protected]?type=jar", "pkg:maven/com.google.guava/[email protected]?type=jar" ] }, "pkg:maven/junit/[email protected]?type=jar": { "package_url": "pkg:maven/junit/[email protected]?type=jar", "relationship": "direct", "scope": "development", "dependencies": [ "pkg:maven/org.hamcrest/[email protected]?type=jar", "pkg:maven/org.hamcrest/[email protected]?type=jar" ] }, "pkg:maven/org.hamcrest/[email protected]?type=jar": { "package_url": "pkg:maven/org.hamcrest/[email protected]?type=jar", "relationship": "indirect", "scope": "development", "dependencies": [] }, "pkg:maven/com.google.truth/[email protected]?type=jar": { "package_url": "pkg:maven/com.google.truth/[email protected]?type=jar", "relationship": "di

Artifacts

Produced during runtime
Name Size
guava-artifacts-jre-49e1419230be3a0486f04709dcc346bbdb37cd4d Expired
18.3 MB