Closed tiloyi closed 5 months ago
Checkmarx One – Scan Summary & Details – 34d68303-3e7b-408f-b59e-81e81159fe9a
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
| | Unpinned Actions Full Length Commit SHA | /release.yml: 54 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /release.yml: 41 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /release.yml: 47 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /release.yml: 32 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| Severity | Issue | Source File / Package |
|---|---|---|
| | Unpinned Actions Full Length Commit SHA | /release.yml: 31 |
| | Unpinned Actions Full Length Commit SHA | /release.yml: 40 |
| | Unpinned Actions Full Length Commit SHA | /release.yml: 46 |
| | Unpinned Actions Full Length Commit SHA | /release.yml: 53 |
I have read the contributing guidelines
Does this PR introduce a breaking change?
Describe the changes
Release Workflow - update standard token permissions
GitHub issue number or Jira issue URL: N/A
Other information