search

rappasoft / laravel-livewire-tables

A dynamic table component for Laravel Livewire
https://rappasoft.com/docs/laravel-livewire-tables/v2/introduction
MIT License
1.8k stars 340 forks source link

Potential security issues in GitHub Actions workflows #2024

Open jiangnanpro opened 3 weeks ago

jiangnanpro commented 3 weeks ago

Potential security issues in GitHub Actions workflows

Hi! We are a research team from Radboud University in the Netherlands, currently working on security vulnerability analysis on GitHub Actions workflows. During our study, we found some potential issues in the workflow files of your repository and would like to bring them to your attention to help enhance security.

If you are interested, how would you like us to report it?

If you have any questions, please feel free to reach out! Thank you!

lrljoe commented 3 weeks ago

Thanks for the information, please feel free to e-mail: anthony@rappasoft.com and cc joe@lowerrocklabs.com

And we'll get right on it.

lrljoe commented 3 weeks ago

@jiangnanpro - any update from you on this please?

jiangnanpro commented 3 weeks ago

@jiangnanpro - any update from you on this please?

Hi @lrljoe, thanks for your reply! Issues identified have been sent to your email address, please feel free to reach out!

lrljoe commented 3 weeks ago

Received, I'll review and give you an update this weekend

Thanks for reaching out!

lrljoe commented 3 weeks ago

@jiangnanpro - Just to update, I've executed our latest release, and should now be able to look at this properly.

lrljoe commented 3 weeks ago

@jiangnanpro - I have reached back out to your via E-Mail to discuss.

lrljoe commented 2 weeks ago

@jiangnanpro - Any response on the e-mail I sent?

jiangnanpro commented 2 weeks ago

@jiangnanpro - Any response on the e-mail I sent?

I’ve gone through your email and replied with my thoughts. I’m traveling at the moment, so I might not be able to respond promptly, but feel free to reach out, and I’ll get back to this matter as soon as I can :)

lrljoe commented 4 days ago

@jiangnanpro - Any response on the e-mail I sent?

I’ve gone through your email and replied with my thoughts. I’m traveling at the moment, so I might not be able to respond promptly, but feel free to reach out, and I’ll get back to this matter as soon as I can :)

Just to update, that the fixes to the workflows are now in our development branch, and will be merged across with the next release. Thank you for bringing it to our attention!