Security Policy violation Binary Artifacts #10425

allstar-app · 2024-02-06T16:23:18Z

This issue was automatically created by Allstar.

Security Policy Violation
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

allstar-app · 2024-02-06T18:43:10Z

Policy is now in compliance. Closing issue.

allstar-app · 2024-02-06T18:52:05Z

Reopening issue. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-07T18:54:34Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-08T19:19:09Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-09T19:19:12Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-09T22:40:37Z

Policy is now in compliance. Closing issue.

allstar-app · 2024-02-09T22:47:29Z

Reopening issue. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-10T22:47:36Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-11T22:52:03Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-12T22:55:50Z

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

benchmark-overhead/gradle/wrapper/gradle-wrapper.jar
examples/distro/gradle/wrapper/gradle-wrapper.jar
examples/extension/gradle/wrapper/gradle-wrapper.jar
gradle-plugins/gradle/wrapper/gradle-wrapper.jar
gradle/wrapper/gradle-wrapper.jar

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

allstar-app · 2024-02-13T10:08:21Z

Policy is now in compliance. Closing issue.

allstar-app bot added the allstar label Feb 6, 2024

allstar-app bot closed this as completed Feb 6, 2024

allstar-app bot reopened this Feb 6, 2024

trask mentioned this issue Feb 6, 2024

Can we configure to ignore gradle-wrapper.jar binary artifacts? open-telemetry/.allstar#6

Closed

breedx-splk mentioned this issue Feb 7, 2024

Ignore gradle wrapper binary artifacts open-telemetry/.allstar#9

Merged

allstar-app bot closed this as completed Feb 9, 2024

allstar-app bot reopened this Feb 9, 2024

allstar-app bot closed this as completed Feb 13, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security Policy violation Binary Artifacts #10425

Security Policy violation Binary Artifacts #10425

allstar-app bot commented Feb 6, 2024

allstar-app bot commented Feb 6, 2024

allstar-app bot commented Feb 6, 2024

allstar-app bot commented Feb 7, 2024

allstar-app bot commented Feb 8, 2024

allstar-app bot commented Feb 9, 2024

allstar-app bot commented Feb 9, 2024

allstar-app bot commented Feb 9, 2024

allstar-app bot commented Feb 10, 2024

allstar-app bot commented Feb 11, 2024

allstar-app bot commented Feb 12, 2024

allstar-app bot commented Feb 13, 2024

Security Policy violation Binary Artifacts #10425

Security Policy violation Binary Artifacts #10425

Comments

allstar-app bot commented Feb 6, 2024

allstar-app bot commented Feb 6, 2024

allstar-app bot commented Feb 6, 2024

allstar-app bot commented Feb 7, 2024

allstar-app bot commented Feb 8, 2024

allstar-app bot commented Feb 9, 2024

allstar-app bot commented Feb 9, 2024

allstar-app bot commented Feb 9, 2024

allstar-app bot commented Feb 10, 2024

allstar-app bot commented Feb 11, 2024

allstar-app bot commented Feb 12, 2024

allstar-app bot commented Feb 13, 2024