travis_fold:start:worker_info Worker information hostname: 74fdbbb8-5fb8-42de-8477-4d2a1ae7d1cf@1.worker-n2-com-779d777f7b-9jv6t.gce-production-1 version: 6.2.22 https://github.com/travis-ci/worker/tree/858cb91994a513269f2fe9782c15fc113e966231 instance: travis-job-fa1e537e-46da-40d7-a432-d9435f3b2cb6 travis-ci-ubuntu-2204-1698932501-7a1a9a36 (via amqp) startup: 6.430793752s travis_fold:end:worker_info travis_time:start:04d443ca travis_time:end:04d443ca:start=1711449371853005915,finish=1711449372375674001,duration=522668086,event=no_world_writable_dirs travis_time:start:06f3f045 travis_time:end:06f3f045:start=1711449372379502741,finish=1711449372383876160,duration=4373419,event=setup_filter travis_time:start:15201894 travis_time:end:15201894:start=1711449372389235751,finish=1711449372400228898,duration=10993147,event=agent travis_time:start:056ff240 travis_time:end:056ff240:start=1711449372403308389,finish=1711449372405594446,duration=2286057,event=check_unsupported travis_time:start:0aa94027 travis_fold:start:system_info Build system information Build language: shell Build dist: jammy Build id: 269660880 Job id: 619712752 Runtime kernel version: 6.2.0-1018-gcp travis-build version: 5c36a08f Build image provisioning date and time Thu Nov 2 02:14:52 PM UTC 2023 Operating System Details Distributor ID: Ubuntu Description: Ubuntu 22.04.3 LTS Release: 22.04 Codename: jammy Systemd Version systemd 249 (249.11-0ubuntu3.11) Cookbooks Version f5d122e https://github.com/travis-ci/travis-cookbooks/tree/f5d122e git version git version 2.42.0 bash version GNU bash, version 5.1.16(1)-release (x86_64-pc-linux-gnu) gcc version gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0 docker version Client: Version: 24.0.5 API version: 1.43 Go version: go1.20.3 Git commit: 24.0.5-0ubuntu1~22.04.1 Built: Mon Aug 21 19:50:14 2023 OS/Arch: linux/amd64 Context: default Server: Engine: Version: 24.0.5 API version: 1.43 (minimum version 1.12) Go version: go1.20.3 Git commit: 24.0.5-0ubuntu1~22.04.1 Built: Mon Aug 21 19:50:14 2023 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.7.2 GitCommit: runc: Version: 1.1.7-0ubuntu1~22.04.1 GitCommit: docker-init: Version: 0.19.0 GitCommit: clang version clang version 16.0.0 jq version jq-1.6 bats version Bats 0.4.0 shellcheck version 0.7.2 shfmt version v3.2.1 ccache version 4.5.1 cmake version cmake version 3.26.3 heroku version heroku/8.7.0 linux-x64 node-v16.19.0 imagemagick version Version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org md5deep version 4.4 mercurial version version 5.3 mysql version mysql Ver 8.0.35-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu)) openssl version OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022) packer version 1.7.5 postgresql client version psql (PostgreSQL) 14.9 (Ubuntu 14.9-0ubuntu0.22.04.1) ragel version Ragel State Machine Compiler version 6.10 March 2017 sudo version 1.9.9 gzip version gzip 1.10 zip version Zip 3.0 vim version VIM - Vi IMproved 8.2 (2019 Dec 12, compiled Oct 16 2023 18:15:38) iptables version iptables v1.8.7 (nf_tables) curl version curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.16 wget version GNU Wget 1.21.2 built on linux-gnu. rsync version rsync version 3.2.7 protocol version 31 gimme version v1.5.4 nvm version 0.39.5 perlbrew version /home/travis/perl5/perlbrew/bin/perlbrew - App::perlbrew/0.95 phpenv version rbenv 1.2.0 rvm version rvm 1.29.12 (latest) by Michal Papis, Piotr Kuczynski, Wayne E. Seguin [https://rvm.io] default ruby version ruby 2.7.8p225 (2023-03-30 revision 1f4d455848) [x86_64-linux] default python version Python 3.10.12 ElasticSearch version 7.16.3 Installed Firefox version firefox 63.0.1 MongoDB version MongoDB 6.0.11 Pre-installed Go versions 1.18.3 ant version Apache Ant(TM) version 1.10.12 compiled on January 17 1970 mvn version Apache Maven 3.9.5 (57804ffe001d7215b5e7bcb531cf83df38f93546) gradle version Gradle 5.1.1! lein version Leiningen 2.10.0 on Java 11.0.21 OpenJDK 64-Bit Server VM Pre-installed Node.js versions v10.24.1 v12.22.12 v14.21.3 v16.20.2 v18.18.2 v20.9.0 v4.9.1 v6.17.1 v8.17.0 v8.9 phpenv versions system 8.1 * 8.1.2 (set by /home/travis/.phpenv/version) hhvm-stable hhvm composer --version Composer version 2.3.7 2022-06-06 16:43:28 Pre-installed Ruby versions ruby-2.7.8 ruby-3.0.4 ruby-3.1.2 travis_fold:end:system_info  travis_time:end:0aa94027:start=1711449372408906431,finish=1711449372417158256,duration=8251825,event=show_system_info travis_time:start:205a1fe0 travis_time:end:205a1fe0:start=1711449372421404763,finish=1711449372448379813,duration=26975050,event=rm_riak_source travis_time:start:2a206bc2 travis_time:end:2a206bc2:start=1711449372452809415,finish=1711449372460206546,duration=7397131,event=fix_rwky_redis travis_time:start:018a779c travis_time:end:018a779c:start=1711449372464381820,finish=1711449373215624102,duration=751242282,event=wait_for_network travis_time:start:2194bc1c travis_time:end:2194bc1c:start=1711449373219880078,finish=1711449373545872104,duration=325992026,event=update_apt_keys travis_time:start:2070ccd8 travis_time:end:2070ccd8:start=1711449373550312462,finish=1711449373619123236,duration=68810774,event=fix_hhvm_source travis_time:start:0b1865ae travis_time:end:0b1865ae:start=1711449373624705368,finish=1711449373630902614,duration=6197246,event=update_mongo_arch travis_time:start:271520d0 travis_time:end:271520d0:start=1711449373635791953,finish=1711449373676366909,duration=40574956,event=fix_sudo_enabled_trusty travis_time:start:032db368 travis_time:end:032db368:start=1711449373680850580,finish=1711449373683200417,duration=2349837,event=update_glibc travis_time:start:0552077a travis_time:end:0552077a:start=1711449373687435904,finish=1711449373697428611,duration=9992707,event=clean_up_path travis_time:start:2390fe98 travis_time:end:2390fe98:start=1711449373701532808,finish=1711449373720117353,duration=18584545,event=fix_resolv_conf travis_time:start:117821a0 travis_time:end:117821a0:start=1711449373725563180,finish=1711449373759489392,duration=33926212,event=fix_etc_hosts travis_time:start:12303590 travis_time:end:12303590:start=1711449373764143670,finish=1711449373774200858,duration=10057188,event=fix_mvn_settings_xml travis_time:start:016ffb0c travis_time:end:016ffb0c:start=1711449373778621877,finish=1711449373794423124,duration=15801247,event=no_ipv6_localhost travis_time:start:0d1cb25b travis_time:end:0d1cb25b:start=1711449373799475228,finish=1711449373802035342,duration=2560114,event=fix_etc_mavenrc travis_time:start:2a621766 OK travis_time:end:2a621766:start=1711449373806796252,finish=1711449374164690890,duration=357894638,event=fix_perforce_key travis_time:start:0d2d011a travis_time:end:0d2d011a:start=1711449374169487575,finish=1711449374173370823,duration=3883248,event=fix_wwdr_certificate travis_time:start:02b5457b travis_time:end:02b5457b:start=1711449374178153627,finish=1711449374245442134,duration=67288507,event=put_localhost_first travis_time:start:060bb58b travis_time:end:060bb58b:start=1711449374249307853,finish=1711449374252710576,duration=3402723,event=home_paths travis_time:start:0c7c2560 travis_time:end:0c7c2560:start=1711449374257010882,finish=1711449374277564463,duration=20553581,event=disable_initramfs travis_time:start:0629fd98 travis_time:end:0629fd98:start=1711449374281778561,finish=1711449374477599979,duration=195821418,event=disable_ssh_roaming travis_time:start:006a24f8 travis_time:end:006a24f8:start=1711449374481877800,finish=1711449374484724239,duration=2846439,event=debug_tools travis_time:start:1359b78e travis_time:end:1359b78e:start=1711449374489022697,finish=1711449374492952740,duration=3930043,event=uninstall_oclint travis_time:start:14c768f2 travis_time:end:14c768f2:start=1711449374496999041,finish=1711449374500368511,duration=3369470,event=rvm_use travis_time:start:152d10a8 travis_time:end:152d10a8:start=1711449374504247553,finish=1711449374516624773,duration=12377220,event=rm_etc_boto_cfg travis_time:start:08b2b478 travis_time:end:08b2b478:start=1711449374521138082,finish=1711449374526021739,duration=4883657,event=rm_oraclejdk8_symlink travis_time:start:01dc693d travis_time:end:01dc693d:start=1711449374533744678,finish=1711449374635145512,duration=101400834,event=enable_i386 travis_time:start:17ebc674 travis_time:end:17ebc674:start=1711449374639952604,finish=1711449374646559183,duration=6606579,event=update_rubygems travis_time:start:02dbc806 travis_time:end:02dbc806:start=1711449374651423508,finish=1711449375798929254,duration=1147505746,event=ensure_path_components travis_time:start:0c21210c travis_time:end:0c21210c:start=1711449375803948685,finish=1711449375806689051,duration=2740366,event=redefine_curl travis_time:start:26286402 travis_time:end:26286402:start=1711449375810806237,finish=1711449375891579015,duration=80772778,event=nonblock_pipe travis_time:start:02d0b1fc travis_time:end:02d0b1fc:start=1711449375897352318,finish=1711449381948466778,duration=6051114460,event=apt_get_update travis_time:start:09c69d85 travis_time:end:09c69d85:start=1711449381952316400,finish=1711449381954794528,duration=2478128,event=deprecate_xcode_64 travis_time:start:0299fcb6 travis_time:end:0299fcb6:start=1711449381958837101,finish=1711449385726189042,duration=3767351941,event=update_heroku travis_time:start:0666815c travis_time:end:0666815c:start=1711449385731141042,finish=1711449385733419070,duration=2278028,event=shell_session_update travis_time:start:2210f18d travis_fold:start:docker_mtu_and_registry_mirrors travis_fold:end:docker_mtu_and_registry_mirrors travis_time:end:2210f18d:start=1711449385738966616,finish=1711449388206893793,duration=2467927177,event=set_docker_mtu_and_registry_mirrors travis_time:start:17307561 travis_fold:start:resolvconf travis_fold:end:resolvconf travis_time:end:17307561:start=1711449388211263673,finish=1711449388318457059,duration=107193386,event=resolvconf travis_time:start:28ed06f4 travis_time:end:28ed06f4:start=1711449388323411970,finish=1711449388465936644,duration=142524674,event=maven_central_mirror travis_time:start:29acf31d travis_time:end:29acf31d:start=1711449388470097325,finish=1711449388571265567,duration=101168242,event=maven_https travis_time:start:214d1ba0 travis_time:end:214d1ba0:start=1711449388577097289,finish=1711449388579987066,duration=2889777,event=fix_ps4 travis_time:start:00407dab  travis_fold:start:git.checkout travis_time:start:244dca94 travis_time:end:244dca94:start=1711449388589740993,finish=1711449388598554628,duration=8813635,event=checkout travis_time:start:0a6f92e0 $ git clone --depth=10 --branch=bfsy-304-ent-am https://github.com/travis-ci/travis-yml.git travis-ci/travis-yml Cloning into 'travis-ci/travis-yml'... travis_time:end:0a6f92e0:start=1711449388602965859,finish=1711449389988142867,duration=1385177008,event=checkout $ cd travis-ci/travis-yml $ git checkout -qf 4126f6f514c480807eaa8f1bd5e5820a12d4d691 travis_fold:end:git.checkout  travis_time:end:0a6f92e0:start=1711449388602965859,finish=1711449390305089211,duration=1702123352,event=checkout travis_time:start:00b54706  Setting environment variables from repository settings $ export QUAY_ROBOT_HANDLE=[secure] $ export QUAY_ROBOT_TOKEN=[secure] travis_time:end:00b54706:start=1711449390310009542,finish=1711449390321966652,duration=11957110,event=env $ bash -c 'echo $BASH_VERSION' 5.1.16(1)-release Skipping the before_install step, as specified in the configuration. Skipping the install step, as specified in the configuration. travis_time:start:16af231d $ make ship docker build --pull --no-cache -t travisci/travis-yml:4126f6f . DEPRECATED: The legacy builder is deprecated and will be removed in a future release. Install the buildx component to build images with BuildKit: https://docs.docker.com/go/buildx/ Sending build context to Docker daemon 3.469MB Step 1/18 : FROM ruby:2.6.10-slim as base 2.6.10-slim: Pulling from library/ruby 1fe172e4850f: Pulling fs layer 100f29d0fcb2: Pulling fs layer 937a564b41a1: Pulling fs layer 96ed6bd3a152: Pulling fs layer 03e23c2ed14b: Pulling fs layer 96ed6bd3a152: Waiting 03e23c2ed14b: Waiting 937a564b41a1: Verifying Checksum 937a564b41a1: Download complete 100f29d0fcb2: Verifying Checksum 100f29d0fcb2: Download complete 1fe172e4850f: Verifying Checksum 1fe172e4850f: Download complete 03e23c2ed14b: Verifying Checksum 03e23c2ed14b: Download complete 96ed6bd3a152: Verifying Checksum 96ed6bd3a152: Download complete 1fe172e4850f: Pull complete 100f29d0fcb2: Pull complete 937a564b41a1: Pull complete 96ed6bd3a152: Pull complete 03e23c2ed14b: Pull complete Digest: sha256:3d641979a7dc819b4c253dc62d2f74800817053247005f72b871d164498109df Status: Downloaded newer image for ruby:2.6.10-slim ---> 6c7e929006b0 Step 2/18 : RUN apt-get update > /dev/null 2>&1 && apt-get upgrade -y > /dev/null 2>&1 && rm -rf /var/lib/apt/lists/* ---> Running in ed012451536f Removing intermediate container ed012451536f ---> 0e69730a3440 Step 3/18 : WORKDIR /app ---> Running in 1c7ab72b864e Removing intermediate container 1c7ab72b864e ---> 629a35b803f1 Step 4/18 : RUN gem update --system 3.4.13 > /dev/null 2>&1 ---> Running in c17bf7fb7a91 Removing intermediate container c17bf7fb7a91 ---> dbba8744172a Step 5/18 : RUN echo "gem: --no-document" >> ~/.gemrc ---> Running in 08c37d047b33 Removing intermediate container 08c37d047b33 ---> 856c41fabf89 Step 6/18 : RUN bundle config set --global no-cache 'true' && bundle config set --global frozen 'true' && bundle config set --global deployment 'true' && bundle config set --global without 'development test' && bundle config set --global clean 'true' && bundle config set --global jobs `expr $(cat /proc/cpuinfo | grep -c 'cpu cores')` && bundle config set --global retry 3 ---> Running in 41598356ed2e Removing intermediate container 41598356ed2e ---> c6c9da53050d Step 7/18 : FROM base as builder ---> c6c9da53050d Step 8/18 : RUN apt-get update > /dev/null 2>&1 && apt-get install -y --no-install-recommends git make gcc g++ > /dev/null 2>&1 && rm -rf /var/lib/apt/lists/* ---> Running in 71a5ed547c9f Removing intermediate container 71a5ed547c9f ---> fe36b37f04da Step 9/18 : COPY .ruby-version travis-yml.gemspec ./ ---> e50778e4cc2d Step 10/18 : COPY ./lib/travis/yml/version.rb ./lib/travis/yml/version.rb ---> a725d778300f Step 11/18 : COPY Gemfile Gemfile.lock ./ ---> ee97e2e517ca Step 12/18 : RUN bundle install ---> Running in 5031c5bfe07f Bundler 2.4.13 is running, but your lockfile was generated with 2.4.17. Installing Bundler 2.4.17 and restarting using that version. Fetching gem metadata from https://rubygems.org/. Fetching bundler 2.4.17 Installing bundler 2.4.17 Fetching https://github.com/travis-ci/travis-conditions Fetching gem metadata from https://rubygems.org/......... Fetching https://github.com/travis-ci/travis-conditions Fetching https://github.com/travis-ci/travis-metrics Fetching sexp_processor 4.14.1 Fetching atomic 1.1.101 Installing atomic 1.1.101 with native extensions Installing sexp_processor 4.14.1 Fetching multipart-post 2.1.1 Installing multipart-post 2.1.1 Fetching hashr 2.0.1 Installing hashr 2.0.1 Fetching hitimes 1.3.1 Installing hitimes 1.3.1 with native extensions Fetching memoyze 0.0.1 Installing memoyze 0.0.1 Fetching multi_json 1.15.0 Installing multi_json 1.15.0 Fetching ruby2_keywords 0.0.5 Installing ruby2_keywords 0.0.5 Fetching nio4r 2.5.8 Installing nio4r 2.5.8 with native extensions Fetching oj 3.7.12 Installing oj 3.7.12 with native extensions Fetching parslet 1.8.2 Installing parslet 1.8.2 Fetching rack 2.2.4 Installing rack 2.2.4 Fetching rack-ssl-enforcer 0.2.9 Installing rack-ssl-enforcer 0.2.9 Fetching redcarpet 3.5.1 Installing redcarpet 3.5.1 with native extensions Fetching regstry 1.0.15 Installing regstry 1.0.15 Fetching ruby-obj 1.0.0 Installing ruby-obj 1.0.0 Fetching sh_vars 1.0.2 Installing sh_vars 1.0.2 Fetching tilt 2.0.11 Installing tilt 2.0.11 Fetching tins 1.24.1 Installing tins 1.24.1 Fetching ruby_parser 3.14.2 Installing ruby_parser 3.14.2 Fetching faraday 0.15.4 Installing faraday 0.15.4 Fetching travis-config 1.1.3 Installing travis-config 1.1.3 Fetching avl_tree 1.2.1 Installing avl_tree 1.2.1 Fetching mustermann 2.0.2 Installing mustermann 2.0.2 Fetching puma 4.3.12 Installing puma 4.3.12 with native extensions Fetching rack-cors 1.1.1 Installing rack-cors 1.1.1 Fetching rack-protection 2.2.3 Installing rack-protection 2.2.3 Fetching protocol 2.0.0 Installing protocol 2.0.0 Fetching faraday_middleware 0.14.0 Installing faraday_middleware 0.14.0 Fetching sentry-raven 2.9.0 Installing sentry-raven 2.9.0 Fetching metriks 0.9.9.8 Installing metriks 0.9.9.8 Fetching sinatra 2.2.3 Installing sinatra 2.2.3 Fetching mize 0.4.0 Installing mize 0.4.0 Fetching metriks-librato_metrics 1.0.6 Installing metriks-librato_metrics 1.0.6 Fetching sinatra-contrib 2.2.3 Installing sinatra-contrib 2.2.3 Fetching amatch 0.4.0 Installing amatch 0.4.0 with native extensions Bundle complete! 17 Gemfile dependencies, 41 gems now installed. Gems in the groups 'development' and 'test' were not installed. Bundled gems are installed into `./vendor/bundle` Post-install message from atomic: This gem has been deprecated and merged into Concurrent Ruby (http://concurrent-ruby.com). Removing intermediate container 5031c5bfe07f ---> 144857fc068d Step 13/18 : FROM base ---> c6c9da53050d Step 14/18 : LABEL maintainer Travis CI GmbH ---> Running in b3407d1cab96 Removing intermediate container b3407d1cab96 ---> 8c10e6acbe0f Step 15/18 : COPY --from=builder /usr/local/bundle /usr/local/bundle ---> df1b18919e44 Step 16/18 : COPY --from=builder /app/vendor ./vendor ---> 5a199475cc13 Step 17/18 : COPY . ./ ---> 88c713dd9f19 Step 18/18 : CMD ["bundle", "exec", "puma", "-C", "lib/travis/yml/web/puma.rb"] ---> Running in db3083d270a3 Removing intermediate container db3083d270a3 ---> 877e5ff22fcd Successfully built 877e5ff22fcd Successfully tagged travisci/travis-yml:4126f6f docker login -u=[secure] -p=[secure] quay.io WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /home/travis/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded docker tag travisci/travis-yml:4126f6f quay.io/travisci/travis-yml:4126f6f-bfsy-304-ent-am docker push quay.io/travisci/travis-yml:4126f6f-bfsy-304-ent-am The push refers to repository [quay.io/travisci/travis-yml] 02944bc93a6a: Preparing 4ea784a3db24: Preparing 1e234c66941c: Preparing 2d9508658dd6: Preparing 6d03eb76012b: Preparing 76285a80c66f: Preparing aba9acf3c0a6: Preparing 767f3930ddbc: Preparing 9ce6f9af70fc: Preparing 72325fcd36b7: Preparing 833c59850580: Preparing 3471fad30f0e: Preparing 9c1b6dd6c1e6: Preparing 76285a80c66f: Waiting aba9acf3c0a6: Waiting 767f3930ddbc: Waiting 9ce6f9af70fc: Waiting 72325fcd36b7: Waiting 833c59850580: Waiting 3471fad30f0e: Waiting 9c1b6dd6c1e6: Waiting 02944bc93a6a: Pushed 2d9508658dd6: Pushed 6d03eb76012b: Pushed 1e234c66941c: Pushed 9ce6f9af70fc: Layer already exists 72325fcd36b7: Layer already exists 833c59850580: Layer already exists aba9acf3c0a6: Pushed 4ea784a3db24: Pushed 9c1b6dd6c1e6: Layer already exists 3471fad30f0e: Layer already exists 76285a80c66f: Pushed 767f3930ddbc: Pushed 4126f6f-bfsy-304-ent-am: digest: sha256:49d65c99f5418ab3a995d151d249b549c7f88636d349444690fc9f0c0c35c40d size: 3041 docker run --rm -v /tmp:/root/.cache/ -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy i --ignore-unfixed quay.io/travisci/travis-yml:4126f6f-bfsy-304-ent-am Unable to find image 'aquasec/trivy:latest' locally latest: Pulling from aquasec/trivy 4abcf2066143: Pulling fs layer fea79d813ba7: Pulling fs layer 59e37f8d454d: Pulling fs layer e0642506ddfc: Pulling fs layer e0642506ddfc: Waiting fea79d813ba7: Verifying Checksum fea79d813ba7: Download complete 4abcf2066143: Verifying Checksum 4abcf2066143: Download complete 4abcf2066143: Pull complete e0642506ddfc: Verifying Checksum e0642506ddfc: Download complete 59e37f8d454d: Verifying Checksum 59e37f8d454d: Download complete fea79d813ba7: Pull complete 59e37f8d454d: Pull complete e0642506ddfc: Pull complete Digest: sha256:a195a07b467618b7683b9170338bcfd7423b2aa5b869e7ef49ab9e3c0af4d130 Status: Downloaded newer image for aquasec/trivy:latest 2024-03-26T10:38:20.984Z INFO Need to update DB 2024-03-26T10:38:20.984Z INFO DB Repository: ghcr.io/aquasecurity/trivy-db:2 2024-03-26T10:38:20.984Z INFO Downloading DB... 26.30 MiB / 44.64 MiB [----------------------------------->_________________________] 58.91% ? p/s ?44.64 MiB / 44.64 MiB [----------------------------------------------------------->] 100.00% ? p/s ?44.64 MiB / 44.64 MiB [----------------------------------------------------------->] 100.00% ? p/s ?44.64 MiB / 44.64 MiB [---------------------------------------------->] 100.00% 30.54 MiB p/s ETA 0s44.64 MiB / 44.64 MiB [---------------------------------------------->] 100.00% 30.54 MiB p/s ETA 0s44.64 MiB / 44.64 MiB [---------------------------------------------->] 100.00% 30.54 MiB p/s ETA 0s44.64 MiB / 44.64 MiB [---------------------------------------------->] 100.00% 28.57 MiB p/s ETA 0s44.64 MiB / 44.64 MiB [---------------------------------------------->] 100.00% 28.57 MiB p/s ETA 0s44.64 MiB / 44.64 MiB [---------------------------------------------->] 100.00% 28.57 MiB p/s ETA 0s44.64 MiB / 44.64 MiB [-------------------------------------------------] 100.00% 27.15 MiB p/s 1.8s2024-03-26T10:38:23.215Z INFO Vulnerability scanning is enabled 2024-03-26T10:38:23.215Z INFO Secret scanning is enabled 2024-03-26T10:38:23.215Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 2024-03-26T10:38:23.215Z INFO Please see also https://aquasecurity.github.io/trivy/v0.50/docs/scanner/secret/#recommendation for faster secret detection 2024-03-26T10:38:33.857Z INFO Detected OS: debian 2024-03-26T10:38:33.858Z INFO Detecting Debian vulnerabilities... 2024-03-26T10:38:33.901Z INFO Number of language-specific files: 3 2024-03-26T10:38:33.901Z INFO Detecting cargo vulnerabilities... 2024-03-26T10:38:33.902Z INFO Detecting gemspec vulnerabilities... 2024-03-26T10:38:33.982Z INFO Table result includes only package filenames. Use '--format json' option to get the full path to the package file. quay.io/travisci/travis-yml:4126f6f-bfsy-304-ent-am (debian 11.9) ================================================================= Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) Ruby (gemspec) ============== Total: 14 (UNKNOWN: 0, LOW: 1, MEDIUM: 7, HIGH: 6, CRITICAL: 0) ┌───────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬──────────────────────────────────────────────────────────┬────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├───────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ json (json-2.1.0.gemspec) │ CVE-2020-10663 │ HIGH │ fixed │ 2.1.0 │ >= 2.3.0 │ rubygem-json: Unsafe object creation vulnerability in JSON │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-10663 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼──────────────────���─────────────────────────────────────────┤ │ puma (puma-4.3.12.gemspec) │ CVE-2023-40175 │ MEDIUM │ │ 4.3.12 │ ~> 5.6.7, >= 6.3.1 │ rubygem-puma: HTTP request smuggling when parsing chunked │ │ │ │ │ │ │ │ transfer encoding bodies and zero-length... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-40175 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2024-21647 │ │ │ │ ~> 5.6.8, >= 6.4.2 │ rubygem-puma: HTTP request smuggling when parsing chunked │ │ │ │ │ │ │ │ Transfer-Encoding Bodies │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-21647 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ rack (rack-2.2.4.gemspec) │ CVE-2022-44570 │ HIGH │ │ 2.2.4 │ ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= │ rubygem-rack: denial of service in Content-Disposition │ │ │ │ │ │ │ 2.2.6.2, >= 3.0.4.1 │ parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44570 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2022-44571 │ │ │ │ ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= │ rubygem-rack: denial of service in Content-Disposition │ │ │ │ │ │ │ 2.2.6.1, >= 3.0.4.1 │ parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44571 │ │ ├────────────────┤ │ │ │ ├────────────────────────────────────────────────────────────┤ │ │ CVE-2022-44572 │ │ │ │ │ rubygem-rack: denial of service in Content-Disposition │ │ │ │ │ │ │ │ parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44572 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2023-27530 │ │ │ │ ~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= │ rubygem-rack: Denial of service in Multipart MIME parsing │ │ │ │ │ │ │ 2.2.6.3, >= 3.0.4.2 │ https://avd.aquasec.com/nvd/cve-2023-27530 │ │ ├────────────────┼──────────┤ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2023-27539 │ MEDIUM │ │ │ ~> 2.0, >= 2.2.6.4, >= 3.0.6.1 │ rubygem-rack: denial of service in header parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-27539 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2024-25126 │ │ │ │ ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1 │ rubygem-rack: Denial of Service Vulnerability in Rack │ │ │ │ │ │ │ │ Content-Type Parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-25126 │ │ ├────────────────┤ │ │ │ ├────────────────────────────────────────────────────────────┤ │ │ CVE-2024-26141 │ │ │ │ │ rubygem-rack: Possible DoS Vulnerability with Range Header │ │ │ │ │ │ │ │ in Rack │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-26141 │ │ ├──────────���─────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2024-26146 │ │ │ │ ~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= │ rubygem-rack: Possible Denial of Service Vulnerability in │ │ │ │ │ │ │ 2.2.8.1, >= 3.0.9.1 │ Rack Header Parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-26146 │ ├───────────────────────────────────┼────────────────┤ │ ├───────────────────┼──────────────────────────────────────────────────────────┼───────────────────────────────────���────────────────────────┤ │ rdoc (rdoc-6.1.2.1.gemspec) │ CVE-2024-27281 │ │ │ 6.1.2.1 │ ~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1 │ ruby: RCE vulnerability with .rdoc_options in RDoc │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-27281 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ stringio (stringio-0.0.2.gemspec) │ CVE-2024-27280 │ LOW │ │ 0.0.2 │ >= 3.0.1.1 │ ruby: Buffer overread vulnerability in StringIO │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-27280 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ webrick (webrick-1.4.4.gemspec) │ CVE-2020-25613 │ HIGH │ │ 1.4.4 │ >= 1.6.1 │ ruby: Potential HTTP request smuggling in WEBrick │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-25613 │ └───────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴──────────────────────────────────────────────────────────┴────────────────────────────────────────────────────────────┘ usr/local/bundle/gems/rubygems-update-3.4.13/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock (cargo) ======================================================================================================================================== Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0) ┌─────────┬─────────────────────┬─���────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────┤ │ shlex │ GHSA-r7qv-8r2h-pg27 │ HIGH │ fixed │ 1.1.0 │ 1.3.0 │ Multiple issues involving quote API in shlex │ │ │ │ │ │ │ │ https://github.com/advisories/GHSA-r7qv-8r2h-pg27 │ └─────────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘ usr/local/bundle/gems/rubygems-update-3.4.13/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock (cargo) ========================================================================================================================== Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0) ┌─────────┬─────────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────┤ │ shlex │ GHSA-r7qv-8r2h-pg27 │ HIGH │ fixed │ 1.1.0 │ 1.3.0 │ Multiple issues involving quote API in shlex │ │ │ │ │ │ │ │ https://github.com/advisories/GHSA-r7qv-8r2h-pg27 │ └───���─────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘ travis_time:end:16af231d:start=1711449390332689753,finish=1711449514294106040,duration=123961416287,event=script The command "make ship" exited with 0. Done. Your build exited with 0.