CI(actionlint): use custom action with more checks #3164
bayandinactionlint.yml
on: pull_request
check-permissions
/
check-permissions
0s
actionlint
39s
Annotations
10 errors
|
actionlint:
.github/workflows/build_and_test.yml#L212
shellcheck reported issue in this script: SC2016:info:2:6: Expressions don't expand in single quotes, use double quotes for that
|
|
actionlint
Process completed with exit code 1.
|
|
code injection via template expansion:
.github/workflows/build_and_test.yml#L1167
this step - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/build_and_test.yml#L1173
needs.tag.outputs.build-tag may expand into attacker-controllable code - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/build_and_test.yml#L1182
this step - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/build_and_test.yml#L1188
needs.tag.outputs.build-tag may expand into attacker-controllable code - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/_build-and-test-locally.yml#L208
this step - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/_build-and-test-locally.yml#L211
vars.REMOTE_STORAGE_AZURE_CONTAINER may expand into attacker-controllable code - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/_build-and-test-locally.yml#L208
this step - https://woodruffw.github.io/zizmor/audits#template-injection
|
|
code injection via template expansion:
.github/workflows/_build-and-test-locally.yml#L211
vars.REMOTE_STORAGE_AZURE_REGION may expand into attacker-controllable code - https://woodruffw.github.io/zizmor/audits#template-injection
|