Skip to content

Commit

Permalink
Remove Debug jobs
Browse files Browse the repository at this point in the history
  • Loading branch information
@widhalmt
widhalmt committed Oct 23, 2024
1 parent f6455b0 commit 511bc6e
Showing 1 changed file with 0 additions and 2 deletions.
2 changes: 0 additions & 2 deletions .github/workflows/kics.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,6 @@ jobs:
ignore_on_exit: results
output_formats: 'json,sarif'
output_path: results-dir
- name: Debug
run: ls results-dir
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3

Check warning on line 36 in .github/workflows/kics.yml

View workflow job for this annotation

GitHub Actions / kics

[LOW] Unpinned Actions Full Length Commit SHA 

Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.

Check notice

Code scanning / KICS

Unpinned Actions Full Length Commit SHA Note

Action is not pinned to a full length commit SHA.
with:
Expand Down

0 comments on commit 511bc6e

Please sign in to comment.