1
0
Fork 0
mirror of https://code.forgejo.org/actions/checkout.git synced 2024-11-23 18:04:51 +01:00
checkout/.github/workflows
Y. Meyer-Norwood fe77b196f4
Prevent Script Injection Attack
The user provided inputs here are vulnerable to script injection. This PR uses an intermediary environment variable to treat the input as a string, rather than as part of the command.

See: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
2022-12-13 11:16:31 +13:00
..
check-dist.yml update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
codeql-analysis.yml update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
licensed.yml update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
test.yml Replace datadog/squid with ubuntu/squid Docker image (#1002) 2022-11-10 15:54:12 -05:00
update-main-version.yml Prevent Script Injection Attack 2022-12-13 11:16:31 +13:00