checkout

mirror of https://github.com/actions/checkout.git synced 2025-10-31 18:18:37 +08:00

History

Y. Meyer-Norwood fe77b196f4 Prevent Script Injection Attack The user provided inputs here are vulnerable to script injection. This PR uses an intermediary environment variable to treat the input as a string, rather than as part of the command. See: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable	2022-12-13 11:16:31 +13:00
..
workflows	Prevent Script Injection Attack	2022-12-13 11:16:31 +13:00

Y. Meyer-Norwood fe77b196f4

The user provided inputs here are vulnerable to script injection. This PR uses an intermediary environment variable to treat the input as a string, rather than as part of the command.

See: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable

2022-12-13 11:16:31 +13:00

workflows

Prevent Script Injection Attack

2022-12-13 11:16:31 +13:00