1. CI/CD pull request

CCM-13308: Address trivy report #1851

Sign in to view logs

Triggered via push February 11, 2026 15:55

nhsd-angel-pastor

feature/CCM-13308_add_report_reference

Status Failure

Total duration 30m 25s

Artifacts 8

cicd-1-pull-request.yaml

on: push

Set CI/CD metadata

Commit stage / Scan secrets

Commit stage / Check file format

Commit stage / Check Markdown format

Commit stage / Check English usage

Commit stage / Check TODO usage

Commit stage / Trivy Package Scan

Commit stage / Count lines of code

Commit stage / Scan dependencies

Commit stage / Detect Terraform Changes

Commit stage / Run terraform-docs

Commit stage / Lint Terraform

Commit stage / Trivy IaC Scan

Test stage / Linting

Test stage / Typecheck

Test stage / Detect Schema Changes

Test stage / Unit tests

Test stage / Check generated dependencies

Test stage / Perform static analysis

Build stage / Detect Documentation Changes

Build stage / Build Docs

Trigger dynamic environment creation

Publish stage / Publish packages

Acceptance stage / Contract test

Acceptance stage / Security test

Acceptance stage / UI test

Acceptance stage / UI performance test

Acceptance stage / Integration test

Acceptance stage / Accessibility test

Acceptance stage / Load test

Annotations

1 error and 10 warnings

Acceptance stage / Integration test

Process completed with exit code 1.

Test stage / Linting: utils/utils/src/event-publisher/event-publisher.ts#L101

Function Call Object Injection Sink

Test stage / Linting: utils/utils/src/event-publisher/event-publisher.ts#L99

Generic Object Injection Sink

Test stage / Linting: utils/utils/src/dynamodb/delete-dynamo-batch.ts#L47

Generic Object Injection Sink

Test stage / Linting: utils/utils/src/dynamodb/delete-dynamo-batch.ts#L34

Generic Object Injection Sink

Test stage / Linting: utils/utils/src/config-reader.ts#L69

Variable Assigned to Object Injection Sink

Test stage / Linting: utils/utils/src/cache/cache.ts#L52

Generic Object Injection Sink

Test stage / Linting: utils/utils/src/cache/cache.ts#L33

Variable Assigned to Object Injection Sink

Test stage / Linting: lambdas/print-analyser/src/__tests__/test-data.ts#L60

Found readFileSync from package "node:fs" with non literal argument at index 0

Test stage / Linting: lambdas/ttl-handle-expiry-lambda/src/__tests__/app/dlq.test.ts#L183

Variable Assigned to Object Injection Sink

Test stage / Linting: lambdas/ttl-create-lambda/src/apis/sqs-trigger-lambda.ts#L87

Generic Object Injection Sink

Artifacts

Produced during runtime

Name	Size	Digest
code-coverage-report	16.3 KB	`sha256:fe2f1836599afb4ea6734e98cabc1a14e6d43dc6674fe636169d52b9cdce2a86`
jekyll-docs-0.0.2-20260211.155553+2c3f82a Expired	20.9 MB	`sha256:4c082c4473ee12573a292e0b0911ec6d8e13d200f8b71f9f403c0f1097796702`
lines-of-code-report.json.zip	971 Bytes	`sha256:eddc8c74fdae7cac679a2089b5f1b7243e1f87573d0614f130c269df710764f2`
python-coverage-reports	11.7 KB	`sha256:aa5cc26b9cc981010fdbb8fe7e918eba7b684f2dfee29f3a63f7ad486f669ed1`
sbom-repository-report.json.zip	406 KB	`sha256:dc2b44e94635dd1819166d22d5d02cac3c9dd291c75c913d8eebfeca319498a6`
schemas-0.0.2-20260211.155553+2c3f82a	45.2 KB	`sha256:98c6d315b9709acaf45b1af90eaa428bb073434cec4b56f9573df3bbe16fbb0a`
unit-tests	1.7 MB	`sha256:59331ffbda23ec872e5a9e947892efa0387f950c2b436e00630d49c77aafba75`
vulnerabilities-repository-report.json.zip	6.66 KB	`sha256:102f6fcf52c8cd6a701d575c26e6fa1ce6c9686c9e72c7c4b56653b023e83d56`