urbinaalex17 closed 3 months ago
Checkmarx One – Scan Summary & Details – d3591c82-44a7-4b97-9e5c-1ce0009632cb
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
| | Unpinned Actions Full Length Commit SHA | /version-bump.yml: [29](https://github.com/bitwarden/directory-connector/blob/task/BRE-87//.github/workflows/version-bump.yml#L29) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /version-bump.yml: [135](https://github.com/bitwarden/directory-connector/blob/task/BRE-87//.github/workflows/version-bump.yml#L135) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /version-bump.yml: [127](https://github.com/bitwarden/directory-connector/blob/task/BRE-87//.github/workflows/version-bump.yml#L127) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /version-bump.yml: [210](https://github.com/bitwarden/directory-connector/blob/task/BRE-87//.github/workflows/version-bump.yml#L210) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /version-bump.yml: [63](https://github.com/bitwarden/directory-connector/blob/task/BRE-87//.github/workflows/version-bump.yml#L63) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
| | Unpinned Actions Full Length Commit SHA | /version-bump.yml: [120](https://github.com/bitwarden/directory-connector/blob/task/BRE-87//.github/workflows/version-bump.yml#L120) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
Type of change
Objective
Add a new parameter for whether to send a notification for upcoming releases, which must be disabled by default.
Related PR: https://github.com/bitwarden/devops/pull/2329
Code changes
Before you submit
dotnet format --verify-no-changes
) (required)