Build SecHub GHA (scan)

Sanitize GitHub action shell cmd to prevent cmd injection #3509 #211

Sign in to view logs

Summary
Jobs
- build-scan
Run details
- Usage
- Workflow file

Triggered via pull request October 14, 2024 15:05

hamidonos

synchronize #3510

gha_feature-sanitize-github-action-shell-cmd-to-prevent-cmd-injection-#3509

Status Success

Total duration 1m 56s

Artifacts 3

github-action-scan.yml

on: pull_request

Annotations

10 errors

Argument has invalid characters: rm-rf/;echohacked

Argument has invalid characters: echo$(whoami)

Argument has invalid characters: cat/etc/passwd|greproot

Argument has invalid characters: touch/tmp/test&&ls/tmp

Argument has invalid characters: echohello>/tmp/test

Argument has invalid characters: `reboot`

Argument has invalid characters: $(reboot)

Argument has invalid characters: ;reboot

Argument has invalid characters: |reboot

Argument has invalid characters: &reboot

Artifacts

Produced during runtime

Name	Size	Digest
git-status Expired	212 Bytes	`sha256:8e2ea3ef741f607a02913267c6cb1d466e5aef719df4c7b45d2f680b47967587`
sechub-reports Expired	31.4 KB	`sha256:7b10f69690aeb73a068a14d81ee7b8ef8fa3052a142227b43b10d2dcb199b4f3`
sechub-runtime-logiles Expired	84.2 KB	`sha256:5d5f3b1dc2b899d21357c653a6f5798365d8f5d9b9bc01e174f99ebf2409436a`