Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exclude github.run_* from template injection check #92

Merged
merged 1 commit into from
Oct 31, 2024
Merged

Exclude github.run_* from template injection check #92

merged 1 commit into from
Oct 31, 2024

Conversation

funnelfiasco
Copy link
Contributor

These are unique numbers assigned by GitHub and can't be used to inject shell commands.

Fixes #91

@funnelfiasco
Exclude github.run_* from template injection check
1ba2a46 
These are unique numbers assigned by GitHub and can't be used to inject
shell commands.

Fixes woodruffw#91

Signed-off-by: Ben Cotton <ben@kusari.dev>
@woodruffw
Copy link
Owner

Thanks @funnelfiasco! Agreed, these are harmless to expand.

@woodruffw woodruffw added false-positive enhancement New feature or request bugfix Fixes a known bug and removed enhancement New feature or request labels Oct 31, 2024
@woodruffw woodruffw merged commit 97d0d67 into woodruffw:main Oct 31, 2024
4 checks passed
@funnelfiasco funnelfiasco deleted the issue91-exclude_github.run branch October 31, 2024 19:01
@BrewTestBot BrewTestBot mentioned this pull request Nov 1, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@woodruffw woodruffw woodruffw approved these changes

Assignees
No one assigned
Labels
bugfix Fixes a known bug false-positive
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Exclude github.run_* from template injection test
2 participants
@funnelfiasco @woodruffw