forthebadge / for-the-badge

It all started because of an obsession with two words: “build passing”. It all ended with this: badges, for badges’ sake.
https://forthebadge.com
GNU General Public License v3.0

Fix potential injection vulnerability #165

Closed martingjaldbaek closed 3 years ago

martingjaldbaek commented 3 years ago

I'm the maintainer of https://github.com/hrvey/combine-prs-workflow and we just made a new release - https://github.com/hrvey/combine-prs-workflow/releases/tag/1.2.0 - to fix a potential injection attack based on a PR with a malicious branch name. I've included the fix for this here, to make sure you noticed and make it as easy as possible for you to patch :)