Suspended executions poc#22980
Quality Gate failed
Failed conditions
2 Security Hotspots
C Reliability Rating on New Code (required ≥ A)
See analysis details on SonarQube
Catch issues before they fail your Quality Gate with our IDE extension
SonarQube for IDE
Annotations
Check warning on line 136 in core/services/workflows/cmd/enginefleet/docker/run.sh
cl-sonarqube-production / SonarQube Code Analysis
Assign this positional parameter to a local variable.
[S7679] Function parameters should be assigned to local variables with descriptive names
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=ae9d8da6-bdbe-4e1d-97fd-97256240a599&open=ae9d8da6-bdbe-4e1d-97fd-97256240a599
Check warning on line 102 in core/services/workflows/cmd/enginefleet/evm_write.go
cl-sonarqube-production / SonarQube Code Analysis
File is not properly formatted
[goimports.bug.major] null
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=d9292939-e01c-4f72-ac00-31e2088f171a&open=d9292939-e01c-4f72-ac00-31e2088f171a
Check warning on line 26 in core/services/workflows/cmd/enginefleet/main.go
cl-sonarqube-production / SonarQube Code Analysis
G108: Profiling endpoint is automatically exposed on /debug/pprof
[gosec] Issue raised by gosec
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=de5a266b-b130-4cc2-b37d-282b5bdff0d0&open=de5a266b-b130-4cc2-b37d-282b5bdff0d0
Check warning on line 21 in core/services/workflows/cmd/enginefleet/docker/Dockerfile
cl-sonarqube-production / SonarQube Code Analysis
Not disabling redirects might allow for redirections to insecure websites. Make sure it is safe here.
[S6506] Allowing downgrades to a clear-text protocol is security-sensitive
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=d75ec4b6-510a-4ff9-bd70-7860c2e1942c&open=d75ec4b6-510a-4ff9-bd70-7860c2e1942c
Check warning on line 42 in core/services/workflows/cmd/enginefleet/docker/Dockerfile
cl-sonarqube-production / SonarQube Code Analysis
Sort these package names alphanumerically.
[S7018] Arguments in long RUN instructions should be sorted
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=411f80e1-011b-4287-b87e-ed00a1680cad&open=411f80e1-011b-4287-b87e-ed00a1680cad
Check warning on line 17 in core/services/workflows/cmd/enginefleet/docker/Dockerfile
cl-sonarqube-production / SonarQube Code Analysis
Sort these package names alphanumerically.
[S7018] Arguments in long RUN instructions should be sorted
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=6483f29f-a779-4bb6-ba5a-952497dd7697&open=6483f29f-a779-4bb6-ba5a-952497dd7697
Check warning on line 160 in core/services/workflows/cmd/enginefleet/main.go
cl-sonarqube-production / SonarQube Code Analysis
exitAfterDefer: os.Exit will exit, and `defer func(){...}(...)` will not run
[gocritic.bug.major] Issue raised by gocritic
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=0c85ebd9-78a3-42a7-8ef1-807756921839&open=0c85ebd9-78a3-42a7-8ef1-807756921839
Check warning on line 141 in core/services/workflows/cmd/enginefleet/main.go
cl-sonarqube-production / SonarQube Code Analysis
shadow: declaration of "err" shadows declaration at line 106
[shadow] Shadowed variables
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=5b40df25-9001-4d5c-871b-47317958208e&open=5b40df25-9001-4d5c-871b-47317958208e
Check warning on line 34 in core/services/workflows/cmd/enginefleet/docker/Dockerfile
cl-sonarqube-production / SonarQube Code Analysis
The "debian" image runs with "root" as the default user. Make sure it is safe here.
[S6471] Running containers as a privileged user is security-sensitive
See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=5190d329-cc41-40ef-bc4b-40d493a74a31&open=5190d329-cc41-40ef-bc4b-40d493a74a31