issues
search
optimizely
/
android-sdk
Android SDK for Optimizely Feature Experimentation and Optimizely Full Stack (legacy)
https://docs.developers.optimizely.com/experimentation/v4.0.0-full-stack/docs/android-sdk
Apache License 2.0
55
stars
39
forks
source link
[FSSDK-10230] fix: GitHub slug `head_ref` vulnerability resolved
#481
Closed
muzahidul-opti
closed
4 months ago
muzahidul-opti
commented
4 months ago
Summary
Assigned the value of
github.head_ref
to an intermediate environment variable and employ that variable in the shell script.
Reference:
https://securitylab.github.com/research/github-actions-untrusted-input/
https://codeql.github.com/codeql-query-help/javascript/js-actions-command-injection/
https://securitylab.github.com/advisories/GHSL-2023-110_Wing_Language/
Test plan
N / A
Issues
FSSDK-10230
Summary
github.head_refto an intermediate environment variable and employ that variable in the shell script.Reference:
Test plan
Issues