travis_fold:start:worker_info Worker information hostname: d307a9c9-47a0-41b9-b847-ecf4d3e6089b@1.worker-n2-com-779d777f7b-hxsb6.gce-production-1 version: 6.2.22 https://github.com/travis-ci/worker/tree/858cb91994a513269f2fe9782c15fc113e966231 instance: travis-job-7d4861c6-08df-41da-9bf8-312c156c4684 travis-ci-ubuntu-2204-1698932501-7a1a9a36 (via amqp) startup: 6.445648362s travis_fold:end:worker_info travis_time:start:1c072f8c travis_time:end:1c072f8c:start=1715151538775595371,finish=1715151539238709185,duration=463113814,event=no_world_writable_dirs travis_time:start:01b217bc travis_time:end:01b217bc:start=1715151539242514753,finish=1715151539246562111,duration=4047358,event=setup_filter travis_time:start:1128511b travis_time:end:1128511b:start=1715151539251109409,finish=1715151539261605877,duration=10496468,event=agent travis_time:start:1e5cd8f4 travis_time:end:1e5cd8f4:start=1715151539264734038,finish=1715151539266790127,duration=2056089,event=check_unsupported travis_time:start:017f6fa8 travis_fold:start:system_info Build system information Build language: shell Build dist: jammy Build id: 270361643 Job id: 621439269 Runtime kernel version: 6.2.0-1018-gcp travis-build version: 22cc7fd4 Build image provisioning date and time Thu Nov 2 02:14:52 PM UTC 2023 Operating System Details Distributor ID: Ubuntu Description: Ubuntu 22.04.3 LTS Release: 22.04 Codename: jammy Systemd Version systemd 249 (249.11-0ubuntu3.11) Cookbooks Version f5d122e https://github.com/travis-ci/travis-cookbooks/tree/f5d122e git version git version 2.42.0 bash version GNU bash, version 5.1.16(1)-release (x86_64-pc-linux-gnu) gcc version gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0 docker version Client: Version: 24.0.5 API version: 1.43 Go version: go1.20.3 Git commit: 24.0.5-0ubuntu1~22.04.1 Built: Mon Aug 21 19:50:14 2023 OS/Arch: linux/amd64 Context: default Server: Engine: Version: 24.0.5 API version: 1.43 (minimum version 1.12) Go version: go1.20.3 Git commit: 24.0.5-0ubuntu1~22.04.1 Built: Mon Aug 21 19:50:14 2023 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.7.2 GitCommit: runc: Version: 1.1.7-0ubuntu1~22.04.1 GitCommit: docker-init: Version: 0.19.0 GitCommit: clang version clang version 16.0.0 jq version jq-1.6 bats version Bats 0.4.0 shellcheck version 0.7.2 shfmt version v3.2.1 ccache version 4.5.1 cmake version cmake version 3.26.3 heroku version heroku/8.7.0 linux-x64 node-v16.19.0 imagemagick version Version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org md5deep version 4.4 mercurial version version 5.3 mysql version mysql Ver 8.0.35-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu)) openssl version OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022) packer version 1.7.5 postgresql client version psql (PostgreSQL) 14.9 (Ubuntu 14.9-0ubuntu0.22.04.1) ragel version Ragel State Machine Compiler version 6.10 March 2017 sudo version 1.9.9 gzip version gzip 1.10 zip version Zip 3.0 vim version VIM - Vi IMproved 8.2 (2019 Dec 12, compiled Oct 16 2023 18:15:38) iptables version iptables v1.8.7 (nf_tables) curl version curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.16 wget version GNU Wget 1.21.2 built on linux-gnu. rsync version rsync version 3.2.7 protocol version 31 gimme version v1.5.4 nvm version 0.39.5 perlbrew version /home/travis/perl5/perlbrew/bin/perlbrew - App::perlbrew/0.95 phpenv version rbenv 1.2.0 rvm version rvm 1.29.12 (latest) by Michal Papis, Piotr Kuczynski, Wayne E. Seguin [https://rvm.io] default ruby version ruby 2.7.8p225 (2023-03-30 revision 1f4d455848) [x86_64-linux] default python version Python 3.10.12 ElasticSearch version 7.16.3 Installed Firefox version firefox 63.0.1 MongoDB version MongoDB 6.0.11 Pre-installed Go versions 1.18.3 ant version Apache Ant(TM) version 1.10.12 compiled on January 17 1970 mvn version Apache Maven 3.9.5 (57804ffe001d7215b5e7bcb531cf83df38f93546) gradle version Gradle 5.1.1! lein version Leiningen 2.10.0 on Java 11.0.21 OpenJDK 64-Bit Server VM Pre-installed Node.js versions v10.24.1 v12.22.12 v14.21.3 v16.20.2 v18.18.2 v20.9.0 v4.9.1 v6.17.1 v8.17.0 v8.9 phpenv versions system 8.1 * 8.1.2 (set by /home/travis/.phpenv/version) hhvm-stable hhvm composer --version Composer version 2.3.7 2022-06-06 16:43:28 Pre-installed Ruby versions ruby-2.7.8 ruby-3.0.4 ruby-3.1.2 travis_fold:end:system_info  travis_time:end:017f6fa8:start=1715151539270037649,finish=1715151539279367066,duration=9329417,event=show_system_info travis_time:start:10569a40 travis_time:end:10569a40:start=1715151539282650446,finish=1715151539307947200,duration=25296754,event=rm_riak_source travis_time:start:145183b0 travis_time:end:145183b0:start=1715151539312149040,finish=1715151539319232331,duration=7083291,event=fix_rwky_redis travis_time:start:04860f60 travis_time:end:04860f60:start=1715151539323481588,finish=1715151540280190732,duration=956709144,event=wait_for_network travis_time:start:0a103c77 travis_time:end:0a103c77:start=1715151540285560222,finish=1715151540577522758,duration=291962536,event=update_apt_keys travis_time:start:1e28a7ed travis_time:end:1e28a7ed:start=1715151540582017607,finish=1715151540644822816,duration=62805209,event=fix_hhvm_source travis_time:start:02e672c8 travis_time:end:02e672c8:start=1715151540648507698,finish=1715151540652987463,duration=4479765,event=update_mongo_arch travis_time:start:16d20b5c travis_time:end:16d20b5c:start=1715151540656411766,finish=1715151540692931944,duration=36520178,event=fix_sudo_enabled_trusty travis_time:start:32e6b6ae travis_time:end:32e6b6ae:start=1715151540696779377,finish=1715151540698851470,duration=2072093,event=update_glibc travis_time:start:19c3c3a0 travis_time:end:19c3c3a0:start=1715151540702315673,finish=1715151540711708222,duration=9392549,event=clean_up_path travis_time:start:098182c0 travis_time:end:098182c0:start=1715151540715315086,finish=1715151540730685771,duration=15370685,event=fix_resolv_conf travis_time:start:117b85ed travis_time:end:117b85ed:start=1715151540735423155,finish=1715151540755683733,duration=20260578,event=fix_etc_hosts travis_time:start:03258f18 travis_time:end:03258f18:start=1715151540759948649,finish=1715151540768358429,duration=8409780,event=fix_mvn_settings_xml travis_time:start:31d77980 travis_time:end:31d77980:start=1715151540771815144,finish=1715151540786496324,duration=14681180,event=no_ipv6_localhost travis_time:start:0c7c1d63 travis_time:end:0c7c1d63:start=1715151540790128838,finish=1715151540793493222,duration=3364384,event=fix_etc_mavenrc travis_time:start:00d9ea80 OK travis_time:end:00d9ea80:start=1715151540796871723,finish=1715151541124234914,duration=327363191,event=fix_perforce_key travis_time:start:170e896a travis_time:end:170e896a:start=1715151541129789118,finish=1715151541132965885,duration=3176767,event=fix_wwdr_certificate travis_time:start:221fc350 travis_time:end:221fc350:start=1715151541137773118,finish=1715151541207600781,duration=69827663,event=put_localhost_first travis_time:start:053acfbe travis_time:end:053acfbe:start=1715151541211388881,finish=1715151541214726723,duration=3337842,event=home_paths travis_time:start:32025310 travis_time:end:32025310:start=1715151541220547997,finish=1715151541239233870,duration=18685873,event=disable_initramfs travis_time:start:2bef632c travis_time:end:2bef632c:start=1715151541244440359,finish=1715151541374410694,duration=129970335,event=disable_ssh_roaming travis_time:start:0869204a travis_time:end:0869204a:start=1715151541378284086,finish=1715151541380629210,duration=2345124,event=debug_tools travis_time:start:2729c792 travis_time:end:2729c792:start=1715151541384514525,finish=1715151541387489906,duration=2975381,event=uninstall_oclint travis_time:start:05397603 travis_time:end:05397603:start=1715151541391311674,finish=1715151541394224199,duration=2912525,event=rvm_use travis_time:start:0a2a353c travis_time:end:0a2a353c:start=1715151541397796627,finish=1715151541409326131,duration=11529504,event=rm_etc_boto_cfg travis_time:start:095b8d98 travis_time:end:095b8d98:start=1715151541413265763,finish=1715151541416565280,duration=3299517,event=rm_oraclejdk8_symlink travis_time:start:0dc2e6e2 travis_time:end:0dc2e6e2:start=1715151541420807546,finish=1715151541518043681,duration=97236135,event=enable_i386 travis_time:start:14f9b842 travis_time:end:14f9b842:start=1715151541523138698,finish=1715151541528001984,duration=4863286,event=update_rubygems travis_time:start:1c8abf24 travis_time:end:1c8abf24:start=1715151541532556029,finish=1715151542560247364,duration=1027691335,event=ensure_path_components travis_time:start:00269d2c travis_time:end:00269d2c:start=1715151542563955452,finish=1715151542566352554,duration=2397102,event=redefine_curl travis_time:start:12454236 travis_time:end:12454236:start=1715151542570051784,finish=1715151542637214019,duration=67162235,event=nonblock_pipe travis_time:start:066d9cc2 travis_time:end:066d9cc2:start=1715151542640858691,finish=1715151548683606894,duration=6042748203,event=apt_get_update travis_time:start:0da3734e travis_time:end:0da3734e:start=1715151548687965811,finish=1715151548690501673,duration=2535862,event=deprecate_xcode_64 travis_time:start:05f7c5fa travis_time:end:05f7c5fa:start=1715151548694351799,finish=1715151552468934934,duration=3774583135,event=update_heroku travis_time:start:004923a8 travis_time:end:004923a8:start=1715151552474141247,finish=1715151552476442718,duration=2301471,event=shell_session_update travis_time:start:0f5e8a16 travis_fold:start:docker_mtu_and_registry_mirrors travis_fold:end:docker_mtu_and_registry_mirrors travis_time:end:0f5e8a16:start=1715151552480257822,finish=1715151554873768212,duration=2393510390,event=set_docker_mtu_and_registry_mirrors travis_time:start:15f2f458 travis_fold:start:resolvconf travis_fold:end:resolvconf travis_time:end:15f2f458:start=1715151554878948049,finish=1715151554978156566,duration=99208517,event=resolvconf travis_time:start:2527fd03 travis_time:end:2527fd03:start=1715151554982715456,finish=1715151555112766937,duration=130051481,event=maven_central_mirror travis_time:start:0e4f4c23 travis_time:end:0e4f4c23:start=1715151555116909815,finish=1715151555214308839,duration=97399024,event=maven_https travis_time:start:1aa021f6 travis_time:end:1aa021f6:start=1715151555219764785,finish=1715151555222489562,duration=2724777,event=fix_ps4 travis_time:start:1ba03c87  travis_fold:start:git.checkout travis_time:start:07d51026 travis_time:end:07d51026:start=1715151555231521659,finish=1715151555239289829,duration=7768170,event=checkout travis_time:start:0d7b11e0 $ git clone --depth=10 --branch=enterprise-3.0 https://github.com/travis-ci/travis-yml.git travis-ci/travis-yml Cloning into 'travis-ci/travis-yml'... travis_time:end:0d7b11e0:start=1715151555243518808,finish=1715151556622019110,duration=1378500302,event=checkout $ cd travis-ci/travis-yml $ git checkout -qf 5e64e0255b249470bf73b839fc2cbdc91cad6d84 travis_fold:end:git.checkout  travis_time:end:0d7b11e0:start=1715151555243518808,finish=1715151556935745635,duration=1692226827,event=checkout travis_time:start:09da76a8  Setting environment variables from repository settings $ export QUAY_ROBOT_HANDLE=[secure] $ export QUAY_ROBOT_TOKEN=[secure] travis_time:end:09da76a8:start=1715151556940315918,finish=1715151556944579497,duration=4263579,event=env $ bash -c 'echo $BASH_VERSION' 5.1.16(1)-release Skipping the before_install step, as specified in the configuration. Skipping the install step, as specified in the configuration. travis_time:start:04bdf8c0 $ make ship docker build --pull --no-cache -t travisci/travis-yml:5e64e02 . DEPRECATED: The legacy builder is deprecated and will be removed in a future release. Install the buildx component to build images with BuildKit: https://docs.docker.com/go/buildx/ Sending build context to Docker daemon 3.469MB Step 1/18 : FROM ruby:2.6.10-slim as base 2.6.10-slim: Pulling from library/ruby 1fe172e4850f: Pulling fs layer 100f29d0fcb2: Pulling fs layer 937a564b41a1: Pulling fs layer 96ed6bd3a152: Pulling fs layer 03e23c2ed14b: Pulling fs layer 96ed6bd3a152: Waiting 03e23c2ed14b: Waiting 937a564b41a1: Download complete 100f29d0fcb2: Verifying Checksum 100f29d0fcb2: Download complete 03e23c2ed14b: Verifying Checksum 03e23c2ed14b: Download complete 1fe172e4850f: Verifying Checksum 1fe172e4850f: Download complete 96ed6bd3a152: Verifying Checksum 96ed6bd3a152: Download complete 1fe172e4850f: Pull complete 100f29d0fcb2: Pull complete 937a564b41a1: Pull complete 96ed6bd3a152: Pull complete 03e23c2ed14b: Pull complete Digest: sha256:3d641979a7dc819b4c253dc62d2f74800817053247005f72b871d164498109df Status: Downloaded newer image for ruby:2.6.10-slim ---> 6c7e929006b0 Step 2/18 : RUN apt-get update > /dev/null 2>&1 && apt-get upgrade -y > /dev/null 2>&1 && rm -rf /var/lib/apt/lists/* ---> Running in f2d1b5e40710 Removing intermediate container f2d1b5e40710 ---> 9301090caea7 Step 3/18 : WORKDIR /app ---> Running in e2b7fbe47826 Removing intermediate container e2b7fbe47826 ---> 5b3b0aefc506 Step 4/18 : RUN gem update --system 3.4.13 > /dev/null 2>&1 ---> Running in 04a24d060ae3 Removing intermediate container 04a24d060ae3 ---> 01b2ca6c72ca Step 5/18 : RUN echo "gem: --no-document" >> ~/.gemrc ---> Running in 30b88b8364b6 Removing intermediate container 30b88b8364b6 ---> 762b04224506 Step 6/18 : RUN bundle config set --global no-cache 'true' && bundle config set --global frozen 'true' && bundle config set --global deployment 'true' && bundle config set --global without 'development test' && bundle config set --global clean 'true' && bundle config set --global jobs `expr $(cat /proc/cpuinfo | grep -c 'cpu cores')` && bundle config set --global retry 3 ---> Running in a7a9b0c014a6 Removing intermediate container a7a9b0c014a6 ---> f3ad9f51aed7 Step 7/18 : FROM base as builder ---> f3ad9f51aed7 Step 8/18 : RUN apt-get update > /dev/null 2>&1 && apt-get install -y --no-install-recommends git make gcc g++ > /dev/null 2>&1 && rm -rf /var/lib/apt/lists/* ---> Running in cc05bfa878e0 Removing intermediate container cc05bfa878e0 ---> 1ea56483bc2a Step 9/18 : COPY .ruby-version travis-yml.gemspec ./ ---> 1e742d75bb0c Step 10/18 : COPY ./lib/travis/yml/version.rb ./lib/travis/yml/version.rb ---> 0d5fad887bf9 Step 11/18 : COPY Gemfile Gemfile.lock ./ ---> 96fd452ed7c1 Step 12/18 : RUN bundle install ---> Running in 4698c35260fd Bundler 2.4.13 is running, but your lockfile was generated with 2.4.17. Installing Bundler 2.4.17 and restarting using that version. Fetching gem metadata from https://rubygems.org/. Fetching bundler 2.4.17 Installing bundler 2.4.17 Fetching https://github.com/travis-ci/travis-conditions Fetching gem metadata from https://rubygems.org/......... Fetching https://github.com/travis-ci/travis-conditions Fetching https://github.com/travis-ci/travis-metrics Fetching sexp_processor 4.14.1 Fetching atomic 1.1.101 Installing atomic 1.1.101 with native extensions Installing sexp_processor 4.14.1 Fetching multipart-post 2.1.1 Installing multipart-post 2.1.1 Fetching hashr 2.0.1 Installing hashr 2.0.1 Fetching hitimes 1.3.1 Installing hitimes 1.3.1 with native extensions Fetching memoyze 0.0.1 Installing memoyze 0.0.1 Fetching multi_json 1.15.0 Installing multi_json 1.15.0 Fetching ruby2_keywords 0.0.5 Installing ruby2_keywords 0.0.5 Fetching nio4r 2.5.8 Installing nio4r 2.5.8 with native extensions Fetching oj 3.7.12 Installing oj 3.7.12 with native extensions Fetching parslet 1.8.2 Installing parslet 1.8.2 Fetching rack 2.2.4 Installing rack 2.2.4 Fetching rack-ssl-enforcer 0.2.9 Installing rack-ssl-enforcer 0.2.9 Fetching redcarpet 3.5.1 Installing redcarpet 3.5.1 with native extensions Fetching regstry 1.0.15 Installing regstry 1.0.15 Fetching ruby-obj 1.0.0 Installing ruby-obj 1.0.0 Fetching sh_vars 1.0.2 Installing sh_vars 1.0.2 Fetching tilt 2.0.11 Installing tilt 2.0.11 Fetching tins 1.24.1 Installing tins 1.24.1 Fetching ruby_parser 3.14.2 Installing ruby_parser 3.14.2 Fetching faraday 0.15.4 Installing faraday 0.15.4 Fetching travis-config 1.1.3 Installing travis-config 1.1.3 Fetching avl_tree 1.2.1 Installing avl_tree 1.2.1 Fetching mustermann 2.0.2 Installing mustermann 2.0.2 Fetching puma 4.3.12 Installing puma 4.3.12 with native extensions Fetching rack-cors 1.1.1 Installing rack-cors 1.1.1 Fetching rack-protection 2.2.3 Installing rack-protection 2.2.3 Fetching protocol 2.0.0 Installing protocol 2.0.0 Fetching faraday_middleware 0.14.0 Installing faraday_middleware 0.14.0 Fetching sentry-raven 2.9.0 Installing sentry-raven 2.9.0 Fetching metriks 0.9.9.8 Installing metriks 0.9.9.8 Fetching sinatra 2.2.3 Installing sinatra 2.2.3 Fetching mize 0.4.0 Installing mize 0.4.0 Fetching metriks-librato_metrics 1.0.6 Installing metriks-librato_metrics 1.0.6 Fetching sinatra-contrib 2.2.3 Installing sinatra-contrib 2.2.3 Fetching amatch 0.4.0 Installing amatch 0.4.0 with native extensions Bundle complete! 17 Gemfile dependencies, 41 gems now installed. Gems in the groups 'development' and 'test' were not installed. Bundled gems are installed into `./vendor/bundle` Post-install message from atomic: This gem has been deprecated and merged into Concurrent Ruby (http://concurrent-ruby.com). Removing intermediate container 4698c35260fd ---> fbbb57fb5cb9 Step 13/18 : FROM base ---> f3ad9f51aed7 Step 14/18 : LABEL maintainer Travis CI GmbH ---> Running in b5aefc015ffc Removing intermediate container b5aefc015ffc ---> 70ff9b805050 Step 15/18 : COPY --from=builder /usr/local/bundle /usr/local/bundle ---> caacff986f1c Step 16/18 : COPY --from=builder /app/vendor ./vendor ---> 99fb513d9f8e Step 17/18 : COPY . ./ ---> b74d2f1a1d63 Step 18/18 : CMD ["bundle", "exec", "puma", "-C", "lib/travis/yml/web/puma.rb"] ---> Running in 8026d8f8a2bb Removing intermediate container 8026d8f8a2bb ---> 8f6fe17e0e50 Successfully built 8f6fe17e0e50 Successfully tagged travisci/travis-yml:5e64e02 docker login -u=[secure] -p=[secure] quay.io WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /home/travis/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded docker tag travisci/travis-yml:5e64e02 quay.io/travisci/travis-yml:5e64e02-enterprise-3.0 docker push quay.io/travisci/travis-yml:5e64e02-enterprise-3.0 The push refers to repository [quay.io/travisci/travis-yml] f0a39d3f7950: Preparing afa9cf1003ce: Preparing 38d4af8463f7: Preparing 4cc9626f8927: Preparing f68b97eb95b9: Preparing ceed96a5eb55: Preparing 08fd1ccefd4b: Preparing bb071dfcf595: Preparing 9ce6f9af70fc: Preparing 72325fcd36b7: Preparing 833c59850580: Preparing 3471fad30f0e: Preparing 9c1b6dd6c1e6: Preparing ceed96a5eb55: Waiting 08fd1ccefd4b: Waiting bb071dfcf595: Waiting 9ce6f9af70fc: Waiting 72325fcd36b7: Waiting 833c59850580: Waiting 3471fad30f0e: Waiting 9c1b6dd6c1e6: Waiting 4cc9626f8927: Pushed f68b97eb95b9: Pushed f0a39d3f7950: Pushed 38d4af8463f7: Pushed 9ce6f9af70fc: Layer already exists afa9cf1003ce: Pushed 08fd1ccefd4b: Pushed 72325fcd36b7: Layer already exists 833c59850580: Layer already exists 9c1b6dd6c1e6: Layer already exists 3471fad30f0e: Layer already exists ceed96a5eb55: Pushed bb071dfcf595: Pushed 5e64e02-enterprise-3.0: digest: sha256:3ee92f628db55978bd0bcc3dd91505e430e4eebc0b935698eb6d4a314739adaf size: 3041 docker run --rm -v /tmp:/root/.cache/ -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy i --ignore-unfixed quay.io/travisci/travis-yml:5e64e02-enterprise-3.0 Unable to find image 'aquasec/trivy:latest' locally latest: Pulling from aquasec/trivy 4abcf2066143: Pulling fs layer bd6651fa9674: Pulling fs layer e8ba746a6b5b: Pulling fs layer 405581c47843: Pulling fs layer 405581c47843: Waiting bd6651fa9674: Verifying Checksum bd6651fa9674: Download complete 4abcf2066143: Verifying Checksum 4abcf2066143: Download complete 4abcf2066143: Pull complete e8ba746a6b5b: Verifying Checksum e8ba746a6b5b: Download complete 405581c47843: Verifying Checksum 405581c47843: Download complete bd6651fa9674: Pull complete e8ba746a6b5b: Pull complete 405581c47843: Pull complete Digest: sha256:3cd377b27f4b9e52fc66e4b62c9b73b15bd07f0f5dfb7cdb9f21aeaaf72dbd9e Status: Downloaded newer image for aquasec/trivy:latest 2024-05-08T07:01:08Z INFO Need to update DB 2024-05-08T07:01:08Z INFO Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2" 22.35 MiB / 45.97 MiB [----------------------------->_______________________________] 48.62% ? p/s ?45.97 MiB / 45.97 MiB [----------------------------------------------------------->] 100.00% ? p/s ?45.97 MiB / 45.97 MiB [----------------------------------------------------------->] 100.00% ? p/s ?45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 39.36 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 39.36 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 39.36 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 36.82 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 36.82 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 36.82 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [---------------------------------------------->] 100.00% 34.45 MiB p/s ETA 0s45.97 MiB / 45.97 MiB [-------------------------------------------------] 100.00% 25.32 MiB p/s 2.0s2024-05-08T07:01:10Z INFO Vulnerability scanning is enabled 2024-05-08T07:01:10Z INFO Secret scanning is enabled 2024-05-08T07:01:10Z INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning 2024-05-08T07:01:10Z INFO Please see also https://aquasecurity.github.io/trivy/v0.51/docs/scanner/secret/#recommendation for faster secret detection 2024-05-08T07:01:21Z INFO Detected OS family="debian" version="11.9" 2024-05-08T07:01:21Z INFO [debian] Detecting vulnerabilities... os_version="11" pkg_num=120 2024-05-08T07:01:21Z INFO Number of language-specific files num=3 2024-05-08T07:01:21Z INFO [cargo] Detecting vulnerabilities... 2024-05-08T07:01:21Z INFO [gemspec] Detecting vulnerabilities... 2024-05-08T07:01:21Z INFO Table result includes only package filenames. Use '--format json' option to get the full path to the package file. quay.io/travisci/travis-yml:5e64e02-enterprise-3.0 (debian 11.9) ================================================================ Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0) Ruby (gemspec) ============== Total: 14 (UNKNOWN: 0, LOW: 1, MEDIUM: 7, HIGH: 6, CRITICAL: 0) ┌───────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬──────────────────────────────────────────────────────────┬────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├───────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ json (json-2.1.0.gemspec) │ CVE-2020-10663 │ HIGH │ fixed │ 2.1.0 │ >= 2.3.0 │ rubygem-json: Unsafe object creation vulnerability in JSON │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-10663 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼─────────────────────────���──────────────────────────────────┤ │ puma (puma-4.3.12.gemspec) │ CVE-2023-40175 │ MEDIUM │ │ 4.3.12 │ ~> 5.6.7, >= 6.3.1 │ rubygem-puma: HTTP request smuggling when parsing chunked │ │ │ │ │ │ │ │ transfer encoding bodies and zero-length... │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-40175 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2024-21647 │ │ │ │ ~> 5.6.8, >= 6.4.2 │ rubygem-puma: HTTP request smuggling when parsing chunked │ │ │ │ │ │ │ │ Transfer-Encoding Bodies │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-21647 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ rack (rack-2.2.4.gemspec) │ CVE-2022-44570 │ HIGH │ │ 2.2.4 │ ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= │ rubygem-rack: denial of service in Content-Disposition │ │ │ │ │ │ │ 2.2.6.2, >= 3.0.4.1 │ parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44570 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2022-44571 │ │ │ │ ~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= │ rubygem-rack: denial of service in Content-Disposition │ │ │ │ │ │ │ 2.2.6.1, >= 3.0.4.1 │ parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44571 │ │ ├────────────────┤ │ │ │ ├────────────────────────────────────────────────────────────┤ │ │ CVE-2022-44572 │ │ │ │ │ rubygem-rack: denial of service in Content-Disposition │ │ │ │ │ │ │ │ parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-44572 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2023-27530 │ │ │ │ ~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= │ rubygem-rack: Denial of service in Multipart MIME parsing │ │ │ │ │ │ │ 2.2.6.3, >= 3.0.4.2 │ https://avd.aquasec.com/nvd/cve-2023-27530 │ │ ├────────────────┼──────────┤ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2023-27539 │ MEDIUM │ │ │ ~> 2.0, >= 2.2.6.4, >= 3.0.6.1 │ rubygem-rack: denial of service in header parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-27539 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2024-25126 │ │ │ │ ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1 │ rubygem-rack: Denial of Service Vulnerability in Rack │ │ │ │ │ │ │ │ Content-Type Parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-25126 │ │ ├────────────────┤ │ │ │ ├────────────────────────────────────────────────────────────┤ │ │ CVE-2024-26141 │ │ │ │ │ rubygem-rack: Possible DoS Vulnerability with Range Header │ │ │ │ │ │ │ │ in Rack │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-26141 │ │ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ │ CVE-2024-26146 │ │ │ │ ~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= │ rubygem-rack: Possible Denial of Service Vulnerability in │ │ │ │ │ │ │ 2.2.8.1, >= 3.0.9.1 │ Rack Header Parsing │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-26146 │ ├───────────────────────────────────┼────────────────┤ │ ├───────────────────┼──────────────────────────────────────────────────────────┼──────────────────────────────────────────���─────────────────┤ │ rdoc (rdoc-6.1.2.1.gemspec) │ CVE-2024-27281 │ │ │ 6.1.2.1 │ ~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1 │ ruby: RCE vulnerability with .rdoc_options in RDoc │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-27281 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ stringio (stringio-0.0.2.gemspec) │ CVE-2024-27280 │ LOW │ │ 0.0.2 │ >= 3.0.1.1 │ ruby: Buffer overread vulnerability in StringIO │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-27280 │ ├───────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────────────────────────┼────────────────────────────────────────────────────────────┤ │ webrick (webrick-1.4.4.gemspec) │ CVE-2020-25613 │ HIGH │ │ 1.4.4 │ >= 1.6.1 │ ruby: Potential HTTP request smuggling in WEBrick │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-25613 │ └───────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴──────────────────────────────────────────────────────────┴────────────────────────────────────────────────────────────┘ usr/local/bundle/gems/rubygems-update-3.4.13/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock (cargo) ======================================================================================================================================== Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0) ┌─────────┬─────────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────┤ │ shlex │ GHSA-r7qv-8r2h-pg27 │ HIGH │ fixed │ 1.1.0 │ 1.3.0 │ Multiple issues involving quote API in shlex │ │ │ │ │ │ │ │ https://github.com/advisories/GHSA-r7qv-8r2h-pg27 │ └─────────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘ usr/local/bundle/gems/rubygems-update-3.4.13/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock (cargo) ========================================================================================================================== Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0) ┌─────────┬─────────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├─────────┼─────────────────────┼──────────┼────────┼───────────────────┼───────────────���───────────────────────────────────────────────────┤ │ shlex │ GHSA-r7qv-8r2h-pg27 │ HIGH │ fixed │ 1.1.0 │ 1.3.0 │ Multiple issues involving quote API in shlex │ │ │ │ │ │ │ │ https://github.com/advisories/GHSA-r7qv-8r2h-pg27 │ └─────────┴─────────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────┘ travis_time:end:04bdf8c0:start=1715151556952904697,finish=1715151681423834969,duration=124470930272,event=script The command "make ship" exited with 0. Done. Your build exited with 0.