search

githubuniverseworkshops / workflow-script-injection

Understanding the risk of script Injections in GitHub Actions workflows
MIT License
6 stars 4 forks source link

Prerequisites for Universe 2023 Workshop: Understanding the risk of script Injections in GitHub Actions workflows #10

Open camihmerhar opened 1 year ago

camihmerhar commented 1 year ago

Hello GitHub Universe 2023 Workshopers!

We are so excited to see you at Universe this year!

For Understanding the risk of script Injections in GitHub Actions workflows on November 07, 2023 we’ll need a bit of prep work so we can dive into the content during the actual workshop.

Here is a list of actions you should do prior to the workshop.

See you all soon!

@Christian-Faucher_beneva , @AndrewEverywhere , @dkian214 , @lawanidriss , @anshitmishra , @lautapercuspain , @cpcloud , @darshankhunt , @elviskahoro , @marietheresa , @JLLeitschuh , @mcichoski , @voongc , @shaneakr , @mickmcgrath13 , @ahmad-luqman , @mbkumar , @RinatS , @samyukthagopalsamy , @mmaraya , @victkarangwa , @pfgcmiller , @caithlinpeters , @kanchiw , @kjaymiller , @dzeyelid , @sutharzan-ch , @fabasoad , @gerthrj_mbg , @andreaso , @amaltson , @Phillip-Sime_ttgit , @bunchja624 , @jhdub23 , @ansckasell , @212600134_pwr , @JessicaLefkowitz , @mtawadrousv , @mstokes , @disco-alex , @dina-heidar , @bushjak , @alexis-tadrowski , @LuisDavidRodriguez , @ooples , @mb388a_ATT , @nick-owens-eero , @mcrepssdi , @neilzhao-aws , @kpkeenan12 , @nettiquet , @jimkohl , @kevin-bednar , @jxb324-sw , @ccochrj2_jcplc , @MuhsinFatih , @david-rang , @seemethere , @206761027_nbcuni

camihmerhar commented 1 year ago

Hello GitHub Universe 2023 Workshopers!

We are so excited to see you at Universe this year!

For Understanding the risk of script Injections in GitHub Actions workflows on November 07, 2023 we’ll need a bit of prep work so we can dive into the content during the actual workshop.

Here is a list of actions you should do prior to the workshop.

See you all soon!

@nettiquet , @jimkohl , @kevin-bednar , @jxb324-sw , @ccochrj2_jcplc , @MuhsinFatih , @david-rang , @seemethere , @206761027_nbcuni

@githubuniverseworkshops/universe-workshop-workflow-script-injections

dkian214 commented 1 year ago

I’m not able to clone this repo.

[A screenshot of a web page Description automatically generated]

Mahalo,

Ian Morada Sr. Solutions Architect DK Tech Solutions 808-937-0331 @.***

Use this Calendly link to put 30 min on my calendar. https://calendly.com/ian-dktechsolutions/30min [A blue and black logo Description automatically generated with low confidence]

From: Cami Hernandez Merhar @.> Date: Friday, November 3, 2023 at 1:08 PM To: githubuniverseworkshops/workflow-script-injection @.> Cc: Ian Morada @.>, Mention @.> Subject: Re: [githubuniverseworkshops/workflow-script-injection] Prerequisites for Universe 2023 Workshop: Understanding the risk of script Injections in GitHub Actions workflows (Issue #10)

Hello GitHub Universe 2023 Workshopers!

We are so excited to see you at Universe this year!

For Understanding the risk of script Injections in GitHub Actions workflows on November 07, 2023 we’ll need a bit of prep work so we can dive into the content during the actual workshop.

Here is a list of actions you should do prior to the workshop.

See you all soon!

@nettiquethttps://github.com/nettiquet , @jimkohlhttps://github.com/jimkohl , @kevin-bednarhttps://github.com/kevin-bednar , @jxb324-swhttps://github.com/jxb324-sw , @ccochrj2_jcplc , @MuhsinFatihhttps://github.com/MuhsinFatih , @david-ranghttps://github.com/david-rang , @seemetherehttps://github.com/seemethere , @206761027_nbcuni

— Reply to this email directly, view it on GitHubhttps://github.com/githubuniverseworkshops/workflow-script-injection/issues/10#issuecomment-1793225515, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BCDHGQHOIJL2EVP6PV3HFZLYCV2N5AVCNFSM6AAAAAA65CWCRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJTGIZDKNJRGU. You are receiving this because you were mentioned.Message ID: @.***>

mcrepssdi commented 1 year ago

I am unable to clone this as well

Merl Sent from my iPhone

On Nov 3, 2023, at 22:04, dkian214 @.***> wrote:

 I’m not able to clone this repo.[A screenshot of a web page Description automatically generated]Mahalo,Ian MoradaSr. Solutions ArchitectDK Tech Solutions808-937-0331@.***Use this Calendly link to put 30 min on my calendar.https://calendly.com/ian-dktechsolutions/30min<calendar.https://calendly.com/ian-dktechsolutions/30min>

I’m not able to clone this repo.

[A screenshot of a web page Description automatically generated]

Mahalo,

Ian Morada Sr. Solutions Architect DK Tech Solutions 808-937-0331 @.***

Use this Calendly link to put 30 min on my calendar. https://calendly.com/ian-dktechsolutions/30minhttps://calendly.com/ian-dktechsolutions/30min [A blue and black logo Description automatically generated with low confidence]

From: Cami Hernandez Merhar @.> Date: Friday, November 3, 2023 at 1:08 PM To: githubuniverseworkshops/workflow-script-injection @.> Cc: Ian Morada @.>, Mention @.> Subject: Re: [githubuniverseworkshops/workflow-script-injection] Prerequisites for Universe 2023 Workshop: Understanding the risk of script Injections in GitHub Actions workflows (Issue #10)

Hello GitHub Universe 2023 Workshopers!

We are so excited to see you at Universe this year!

For Understanding the risk of script Injections in GitHub Actions workflows on November 07, 2023 we’ll need a bit of prep work so we can dive into the content during the actual workshop.

Here is a list of actions you should do prior to the workshop.

See you all soon!

@nettiquethttps://github.com/nettiquet<https://github.com/nettiquet> , @jimkohlhttps://github.com/jimkohl<https://github.com/jimkohl> , @kevin-bednarhttps://github.com/kevin-bednar<https://github.com/kevin-bednar> , @jxb324-swhttps://github.com/jxb324-sw<https://github.com/jxb324-sw> , @ccochrj2_jcplc , @MuhsinFatihhttps://github.com/MuhsinFatih<https://github.com/MuhsinFatih> , @david-ranghttps://github.com/david-rang<https://github.com/david-rang> , @seemetherehttps://github.com/seemethere<https://github.com/seemethere> , @206761027_nbcuni

— Reply to this email directly, view it on GitHubhttps://github.com/githubuniverseworkshops/workflow-script-injection/issues/10#issuecomment-1793225515<https://github.com/githubuniverseworkshops/workflow-script-injection/issues/10#issuecomment-1793225515>, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BCDHGQHOIJL2EVP6PV3HFZLYCV2N5AVCNFSM6AAAAAA65CWCRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJTGIZDKNJRGU<https://github.com/notifications/unsubscribe-auth/BCDHGQHOIJL2EVP6PV3HFZLYCV2N5AVCNFSM6AAAAAA65CWCRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJTGIZDKNJRGU>. You are receiving this because you were mentioned.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://github.com/githubuniverseworkshops/workflow-script-injection/issues/10#issuecomment-1793300092, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AU4D3YKLUFN44OMKUAJIINTYCWPBPAVCNFSM6AAAAAA65CWCRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJTGMYDAMBZGI. You are receiving this because you were mentioned.Message ID: @.***>

decyjphr commented 1 year ago

Please use this template to create a new public repository in your personal account. You should not clone this repo.

mcichoski commented 1 year ago

I created a new public report from the workshop template. Looks good. However, I have not seen a Teams invite. Are you referring to MS Teams? Is this invite through email as well?

Michael Cichoski, PMP, FLMI Web Developer III United Heritage Financial Group (208) 475-0939 (Desk) | (800) 657-6351 (Toll Free) | (208) 475-1039 (Fax) unitedheritage.comhttp://www.unitedheritage.com/ | Facebookhttps://www.facebook.com/UnitedHeritageLife | Instagramhttps://www.instagram.com/united_heritage_life/ | LinkedInhttps://www.linkedin.com/company/united-heritage [Graphical user interface, application Description automatically generated]

From: Cami Hernandez Merhar @.> Sent: Friday, November 3, 2023 5:08 PM To: githubuniverseworkshops/workflow-script-injection @.> Cc: Michael Cichoski @.>; Mention @.> Subject: Re: [githubuniverseworkshops/workflow-script-injection] Prerequisites for Universe 2023 Workshop: Understanding the risk of script Injections in GitHub Actions workflows (Issue #10)

Hello GitHub Universe 2023 Workshopers!

We are so excited to see you at Universe this year!

For Understanding the risk of script Injections in GitHub Actions workflows on November 07, 2023 we'll need a bit of prep work so we can dive into the content during the actual workshop.

Here is a list of actions you should do prior to the workshop.

See you all soon!

@nettiquethttps://github.com/nettiquet , @jimkohlhttps://github.com/jimkohl , @kevin-bednarhttps://github.com/kevin-bednar , @jxb324-swhttps://github.com/jxb324-sw , @ccochrj2_jcplc , @MuhsinFatihhttps://github.com/MuhsinFatih , @david-ranghttps://github.com/david-rang , @seemetherehttps://github.com/seemethere , @206761027_nbcuni

- Reply to this email directly, view it on GitHubhttps://github.com/githubuniverseworkshops/workflow-script-injection/issues/10#issuecomment-1793225515, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AALVPC7PAJZZVJA5LFPLUZTYCV2NRAVCNFSM6AAAAAA65CWCRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJTGIZDKNJRGU. You are receiving this because you were mentioned.Message ID: @.**@.>>