⚠ This page is served via a proxy. Original site: https://github.com
This service does not collect credentials or authentication data.
Skip to content

Unsafe string interpolation in Github actions #27

@gpeng

Description

@gpeng

SonarQubeCloud is raising some security issues caused by GitHub actions e.g. https://github.com/NHSDigital/repository-template/blob/main/.github/actions/perform-static-analysis/action.yaml#L19

We've addressed these in NHSDigital/dtos-manage-breast-screening#987. I've not fixed here as I'm aware there is a new version of the template in development (cc/ @stefaniuk ). I can fix though if required.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions