Adjust alias resolution implementation not to alter the current API's flow #23007
pull_requests.yaml
on: pull_request
modules-on-demand-tests-check (4s)
Matrix: integration-tests
unit-tests (10m 38s)
Matrix: push-docker-fast
compile-and-upload-binaries (9m 10s)
run-swagger (52s)
vulnerability-scanning (2m 29s)
sast-scanning (1m 59s)
buf-checks (11s)
Matrix: acceptance-tests-large
Matrix: acceptance-tests
Matrix: modules-acceptance-tests
Matrix: modules-acceptance-tests-api
Matrix: modules-acceptance-tests-large
Matrix: modules-acceptance-tests-light
codecov (0s)
generate-docker-report (6s)
acceptance-tests-windows (1m 47s)
push-docker (0s)
Annotations
3 errors and 12 warnings
unit-tests
Process completed with exit code 1.
|
acceptance-tests (--acceptance-go-client-only-fast)
Process completed with exit code 1.
|
acceptance-tests (--acceptance-only-fast)
Process completed with exit code 1.
|
[MEDIUM] Accidental Mutation of Shared URL Struct in Go Code:
adapters/handlers/rest/operations/authz/add_permissions_urlbuilder.go#L67
Details:
The Shared URL struct might have been unintentionally modified. Verify that this
modification is intentional.
Recommendation:
Review the usage of the shared URL struct to ensure that any mutations are
intentional and do not introduce security vulnerabilities. Consider using
immutable structures or appropriate synchronization mechanisms.
Impact: LOW | Likelihood: LOW | Confidence: LOW
|
[HIGH] Potential Misuse of Read() with io.EOF in Go:
adapters/repos/db/lsmkv/segment_serialization_inverted.go#L436
Details:
The Read() function in Go can return fewer bytes than requested along with an
io.EOF error. It is important to handle this correctly to avoid logic errors in
your program. Always check the number of bytes read and handle io.EOF
appropriately.
Recommendation:
Ensure that the Read() function is properly checked for the number of bytes read
and the io.EOF error to avoid incorrect assumptions about the end of input data.
|
[HIGH] Missing RUnlock on RWMutex before function return:
adapters/repos/db/lsmkv/segment_group.go#L490
Details:
Ensure that `RUnlock` is called on an `RWMutex` (`$T` variable) lock before
exiting a function to prevent potential deadlocks.
Recommendation:
Ensure that every RWMutex lock acquired with RLock is properly released with
RUnlock before returning from a function. This prevents potential deadlocks and
ensures proper resource management in concurrent Go applications.
Impact: MEDIUM | Likelihood: HIGH | Confidence: MEDIUM
|
[HIGH] Missing RUnlock on RWMutex before function return:
adapters/repos/db/lsmkv/segment_group.go#L479
Details:
Ensure that `RUnlock` is called on an `RWMutex` (`$T` variable) lock before
exiting a function to prevent potential deadlocks.
Recommendation:
Ensure that every RWMutex lock acquired with RLock is properly released with
RUnlock before returning from a function. This prevents potential deadlocks and
ensures proper resource management in concurrent Go applications.
Impact: MEDIUM | Likelihood: HIGH | Confidence: MEDIUM
|
[HIGH] Exposed Go Profiling Endpoint Can Leak Sensitive Information:
adapters/handlers/rest/configure_api.go#L1735
Details:
Go's built-in profiling service can be accessed through the `/debug/pprof`
endpoint when the `net/http/pprof` package is imported. This endpoint does not
require authentication, allowing anonymous access, which poses a risk of exposing
sensitive information. It is advised to disable this profiling feature in
production environments by removing the `net/http/pprof` import from your code.
Recommendation:
Remove the `net/http/pprof` import to disable the profiling service in
production. This prevents unauthorized access to the `/debug/pprof` endpoint,
which can expose sensitive data.
|
[HIGH] Exposed Go Profiling Endpoint Can Leak Sensitive Information:
adapters/handlers/rest/configure_api.go#L1731
Details:
Go's built-in profiling service can be accessed through the `/debug/pprof`
endpoint when the `net/http/pprof` package is imported. This endpoint does not
require authentication, allowing anonymous access, which poses a risk of exposing
sensitive information. It is advised to disable this profiling feature in
production environments by removing the `net/http/pprof` import from your code.
Recommendation:
Remove the `net/http/pprof` import to disable the profiling service in
production. This prevents unauthorized access to the `/debug/pprof` endpoint,
which can expose sensitive data.
|
[HIGH] Exposed Go Profiling Endpoint Can Leak Sensitive Information:
adapters/handlers/rest/configure_api.go#L300
Details:
Go's built-in profiling service can be accessed through the `/debug/pprof`
endpoint when the `net/http/pprof` package is imported. This endpoint does not
require authentication, allowing anonymous access, which poses a risk of exposing
sensitive information. It is advised to disable this profiling feature in
production environments by removing the `net/http/pprof` import from your code.
Recommendation:
Remove the `net/http/pprof` import to disable the profiling service in
production. This prevents unauthorized access to the `/debug/pprof` endpoint,
which can expose sensitive data.
|
sast-scanning
Unexpected input(s) 'fetch-depth', valid inputs are ['entryPoint', 'args', 'api_token', 'exit_code', 'no_color', 'project_key', 'silent', 'disable_err_report', 'path', 'exclude_paths', 'format', 'output', 'timeout', 'preview_lines', 'console_output', 'config', 'show_annotations', 'max_file_size', 'display_name', 'debug', 'log_path']
|
compile-and-upload-binaries
No files were found with the provided path: dist/weaviate_linux_arm64. No artifacts will be uploaded.
|
compile-and-upload-binaries
No files were found with the provided path: dist/weaviate_windows_arm64. No artifacts will be uploaded.
|
Artifacts
Produced during runtime
Name | Size | Digest
---|---|---
binaries-linux-amd64 | 60.6 MB | sha256:a72d69fa058543170c507856dc3e7c5c1d02212087f81edd34ec5ef56eb8eb81
binaries-macos-unsigned | 121 MB | sha256:c76aca87c5764c292ba33206289f0c9e23f16fcb19736d657a790ab26e98cc1f
binaries-windows-amd64 | 61.1 MB | sha256:83a66417bc7d7bc7b17c3bfa1a7767e17690127cc3db02496ff54aabc06fd5ac
coverage-report-integration--integration-vector-package-only | 968 KB | sha256:e07a177dea8cbde2858d19da381a357d08bd54d7f4a93132980347cf32575c6b
coverage-report-integration--integration-without-vector-package | 2.44 MB | sha256:4802474ac0d6a0b68aa23ee166e7f83678c801de858ea842bf75db53a56e2750