[0KRunning with gitlab-runner 17.1.0 (fe451d5a)[0;m
[0K  on osm-cicd-10 S9P1hQmo, system ID: s_0c544012072a[0;m
[0K[36;1mResolving secrets[0;m[0;m
section_start:1730833394:prepare_executor[0K[0K[36;1mPreparing the "docker" executor[0;m[0;m
[0KUsing Docker executor with image registry.gitlab.com/security-products/semgrep:5 ...[0;m
[0KPulling docker image registry.gitlab.com/security-products/semgrep:5 ...[0;m
[0KUsing docker image sha256:f2e557f5eb17a9129e244b02461a8f7d803c00d3a861251b8473dd3c97012e5c for registry.gitlab.com/security-products/semgrep:5 with digest registry.gitlab.com/security-products/semgrep@sha256:02b8e3c71b647cd30c0e59bc04b8e886d7b429e47b66f044ce7dbd570191157a ...[0;m
section_end:1730833397:prepare_executor[0Ksection_start:1730833397:prepare_script[0K[0K[36;1mPreparing environment[0;m[0;m
Running on runner-s9p1hqmo-project-65-concurrent-1 via osm-cicd-10...
section_end:1730833398:prepare_script[0Ksection_start:1730833398:get_sources[0K[0K[36;1mGetting source from Git repository[0;m[0;m
[32;1mFetching changes with git depth set to 50...[0;m
Reinitialized existing Git repository in /builds/gitlab/osm/mon/.git/
[32;1mChecking out b132dd4a as detached HEAD (ref is master)...[0;m
Removing gl-sast-report.json
Removing semgrep.sarif

[32;1mSkipping Git submodules setup[0;m
section_end:1730833399:get_sources[0Ksection_start:1730833399:step_script[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m[0;m
[0KUsing docker image sha256:f2e557f5eb17a9129e244b02461a8f7d803c00d3a861251b8473dd3c97012e5c for registry.gitlab.com/security-products/semgrep:5 with digest registry.gitlab.com/security-products/semgrep@sha256:02b8e3c71b647cd30c0e59bc04b8e886d7b429e47b66f044ce7dbd570191157a ...[0;m
[32;1m$ /analyzer run[0;m
[33;49m[DEBUG] ▶ Choosing the input analyzer report: '/builds/gitlab/osm/mon/gl-sast-report.json'
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/command.go:79] ▶ GitLab Semgrep analyzer v5.19.0[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ ANALYZER_TARGET_DIR,CI_PROJECT_DIR=/builds/gitlab/osm/mon[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ ANALYZER_ARTIFACT_DIR,CI_PROJECT_DIR=/builds/gitlab/osm/mon[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ ANALYZER_INDENT_REPORT=false[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ ANALYZER_OPTIMIZE_REPORT=true[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ ADDITIONAL_CA_CERT_BUNDLE=[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SEARCH_IGNORED_DIRS=bundle,node_modules,vendor,tmp,test,tests[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SEARCH_IGNORE_HIDDEN_DIRS=true[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SEARCH_MAX_DEPTH=20[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SAST_SEMGREP_METRICS=true[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SAST_EXPERIMENTAL_FEATURES=false[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SAST_EXCLUDED_PATHS=spec, test, tests, tmp[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SAST_SCANNER_ALLOWED_CLI_OPTS=[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:267] ▶ SAST_EXCLUDED_PATHS=spec,test,tests,tmp[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/common/v3@v3.4.0/cacert/cacert.go:65] ▶ CA cert bundle not imported: empty bundle or empty target path[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:131] ▶ Detecting project[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/plugin/plugin.go:40] ▶ could not check for semgrep rules in the custom ruleset, choosing language-based matching filter as a fallback[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:153] ▶ Analyzer will attempt to analyze all projects in the repository[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:165] ▶ Loading ruleset for /builds/gitlab/osm/mon[0m
[0;33m[WARN] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/ruleset/v3@v3.2.0/ruleset.go:259] ▶ /builds/gitlab/osm/mon/.gitlab/sast-ruleset.toml not found, ruleset customization will be disabled.[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:175] ▶ Running analyzer[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/gitlab/LICENSE[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/lgpl/LICENSE[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/lgpl-cc/LICENSE[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/manifest.json[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:214] ▶ 19 active rule files detected with 587 active rules[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/bandit.yml': '1d5f1383c92f36acb1d037009fe18a1f2b23e018a4b4cf6d62f779876bf4954d'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/eslint.yml': '9a0000468fb7788df7a1f0dcedab6b52f63f48bb20e23be1703d09df4f26a43d'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/find_sec_bugs.yml': '4ffaf454577a0f2570a5923eb626c5ad5cc2acb61ba69f195133446bb13ce016'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/find_sec_bugs_scala.yml': '511d1fcd1844c8c598ce2eecacf95ab876bfadb01c7740d474d007250f033a97'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/flawfinder.yml': 'c03d70d0acaf5d6f42173b0141fd1ac40fb2a61b2d9e6867d6785b56f366bf90'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/gitlab/gitlab_ee_java.yml': '4447e55e10167e94a8e720d2b4c0b468de341261c3416fd32ceb63ba15bff134'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/gitlab/gitlab_ee_javascript.yml': '428c386226edb09210df0df08ca4c2464949e948a88045694b3cfaab8079b8dc'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/gitlab_ce_python.yml': 'a1adf6cde5fa7e8ef530bd3ec122f6ac827e989f2c862aeae28a58a69c78ab6b'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/gitlab_ce_scala.yml': 'ee3d5ba84846f6c94085a1a76d3d250e68ce9c7f7502003647f7125a8667e1a3'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/gosec.yml': '2f8a4f954c8358ed4b5529be4f557190090209df1ac67bf55d24af2d755ffca0'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl-cc/brakeman.yml': '27bfe7c3e464b2786c360004c50a8e487c46f9ea7ffe011b5190696224665301'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl-cc/gitlab_lgpl_cc_java.yml': '17d681aba56265d68cbeb7e90681f2d69d8c0440714acb4940b57e9b5cb67bbb'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl-cc/gitlab_lgpl_cc_javascript.yml': 'abf15ac30a8c820f2d192a812d48f3a76e805c1cd3bee91d3b19d7c09d482519'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl-cc/gitlab_lgpl_cc_python.yml': '4fcb59e05b1bdb418ab3ce009b0af0c565fe16d255013f9f65e1981734fafbe8'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl-cc/phpcs_security_audit.yml': '7f3448e2fdbca069c55c5f34971fc48382ec1af86a973ee24614ce320494d630'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl/find_sec_bugs_kotlin.yml': '46cdf5ab58a11576cb48f87c42e587f21136e01b33b352d7444e8c74e5ae446f'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl/mobsf.yml': '18c9f0273caf79503e75cfdff7efa38fdec4a9e5f3084ebb915fe492a3446f66'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/lgpl/nodejs_scan.yml': '79c0e7b567b4a9346a2668c84912dc4f56c3f3a48becffbde14a6687fa18ffd9'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:220] ▶  * rule file '/rules/security_code_scan.yml': 'a145b41abb93f352f70e9e7b7c335d09d0e1a95298f7fed85e35ef2fd3d7e4e8'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:222] ▶ Combined rule checksum: '27e7bf4d7858adbf7c72eca7733d117fede9e2ca9c05440f170f9489d74dc6f4'[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/rules/ruleinfo.go:232] ▶ Using the GitLab SAST default ruleset[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:20Z] [/go/src/buildapp/analyze.go:101] ▶ /usr/local/bin/semgrep -f /rules -o /builds/gitlab/osm/mon/semgrep.sarif --sarif --no-rewrite-rule-ids --strict --disable-version-check --no-git-ignore --exclude spec --exclude test --exclude tests --exclude tmp --metrics on --verbose[0m
[0;32m[INFO] [Semgrep] [2024-11-05T19:03:32Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/run.go:189] ▶ Creating report[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:32Z] [/go/src/buildapp/convert.go:43] ▶ Converting report with the root path: /builds/gitlab/osm/mon[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/gitlab/LICENSE[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/lgpl/LICENSE[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/lgpl-cc/LICENSE[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/src/buildapp/rules/ruleinfo.go:307] ▶ skipping parse for non-rule file: /rules/manifest.json[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/report/v5@v5.3.0/report.go:269] ▶ Applying report overrides[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/report/v5@v5.3.0/report.go:288] ▶ No Ids found to override[0m
[0;35m[DEBU] [Semgrep] [2024-11-05T19:03:33Z] [/go/pkg/mod/gitlab.com/gitlab-org/security-products/analyzers/command/v3@v3.1.0/jsonout.go:54] ▶ Optimizing JSON Output[0m
[0;32m[INFO] [2024-11-05T19:03:33Z] [/build/clicmds/query.go:89] ▶ /builds/gitlab/osm/mon/gl-report-post.json written[0m
section_end:1730833413:step_script[0Ksection_start:1730833413:upload_artifacts_on_success[0K[0K[36;1mUploading artifacts for successful job[0;m[0;m
[32;1mUploading artifacts...[0;m
gl-sast-report.json: found 1 matching artifact files and directories[0;m 
Uploading artifacts as "sast" to coordinator... 201 Created[0;m  id[0;m=103706 responseStatus[0;m=201 Created token[0;m=glcbt-64
section_end:1730833414:upload_artifacts_on_success[0Ksection_start:1730833414:cleanup_file_variables[0K[0K[36;1mCleaning up project directory and file based variables[0;m[0;m
section_end:1730833414:cleanup_file_variables[0K[32;1mJob succeeded[0;m