Bump cargo-ledger and ledgerwallet versions. Add support for Flex and Stax in Rust apps. · LedgerHQ/ledger-app-builder@c5ea40a · GitHub

Ledger Wiz (CSPM & secret detection) / Wiz IaC Scanner completed May 27, 2024 in 3s

Wiz IaC Scanner

Hail, Commander of Compilation Chaos! 🌪️

Wiz's compass needle pointed to paths lined with newfound discoveries. 🧭🌟

Revealing IaC misconfigurations with Wiz 🪄

🔮 IaC Misconfigurations Detected: 1

― Note from Wiz: "Bugs vanish in your digital magic - keep conjuring solutions! 🪄🐛🔮"

Annotations

Check warning on line 40 in full/Dockerfile

ledger-wiz-cspm-secret-detection / Wiz IaC Scanner

Pip install keeping cached packages

Rule ID: 825ae084-a21d-4595-9378-0b5b9edbc4d1
Severity: Medium
Resource: FROM={{ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-lite:latest}}.{{pip3 install ledgerwallet==0.5.0}}

When installing packages with pip, the '--no-cache-dir' flag should be set to make Docker images smaller

Raw output


            Expected: The '--no-cache-dir' flag should be set when running 'pip/pip3 install'
Found: The '--no-cache-dir' flag isn't set when running 'pip/pip3 install'

View more details on Ledger Wiz (CSPM & secret detection)