Closed lwille closed 1 month ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 46.59%. Comparing base (84b89bd) to head (fbf3b16). Report is 2 commits behind head on dev.
Description
It was possible to run arbitrary commands in the context of the GitHub Actions workflow by using an unsanitized user input (`env`) in a run step. As a best practice, we shall try to sanitize any user input, which can be done by passing it through an env var.
References
Checklist
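A check for the pattern this pull request describes, added here as an example and not taken from the PR or the project: it flags `${{ }}` expressions that are expanded directly inside a `run:` script, and stays quiet when the same value is passed through `env:` first. The sample workflows are constructed; the `inputs.env` reference, the `./deploy.sh` script, the `TARGET_ENV` variable and the list of untrusted contexts are assumptions, and the scan covers more contexts than the single input named above.

```python
import re

EXPR = re.compile(r"\$\{\{(.*?)\}\}")
# Contexts treated as user-controlled here (an assumed, non-exhaustive list).
UNTRUSTED = re.compile(r"\b(inputs\.|github\.event\.|github\.head_ref)")

def find_inline_expressions(workflow_text):
    """Return (line_no, expression) for untrusted ${{ }} uses inside run: scripts."""
    findings, run_indent = [], None  # run_indent is None outside a run: script
    for line_no, line in enumerate(workflow_text.splitlines(), start=1):
        stripped = line.lstrip()
        if not stripped:
            continue
        indent = len(line) - len(stripped)
        if run_indent is not None and indent <= run_indent:
            run_indent = None  # dedent: the script block has ended
        key = stripped[2:].lstrip() if stripped.startswith("- ") else stripped
        if run_indent is None and key.startswith("run:"):
            run_indent = indent + len(stripped) - len(key)
        if run_indent is not None:
            for match in EXPR.finditer(line):
                expr = match.group(1).strip()
                if UNTRUSTED.search(expr):
                    findings.append((line_no, expr))
    return findings

# Constructed sample workflows; ./deploy.sh and TARGET_ENV are hypothetical names.
HEADER = """\
on:
  workflow_dispatch:
    inputs:
      env:
        required: true
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Deploy
"""
VULNERABLE = HEADER + """\
        run: |
          ./deploy.sh ${{ inputs.env }}
"""
FIXED = HEADER + """\
        env:
          TARGET_ENV: ${{ inputs.env }}
        run: |
          ./deploy.sh "$TARGET_ENV"
"""
```

`find_inline_expressions(VULNERABLE)` reports the expression on the script line, while `FIXED` produces no findings because the runner substitutes the value into an environment variable and the shell only ever sees a quoted `"$TARGET_ENV"`.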