hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update UntrustedCheckoutCritical.ql

Browse Source
This commit is contained in:
Marco Gario
2025-04-01 13:58:37 +02:00
committed by GitHub
parent 68690b4615
commit d33ce423d8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
View File

@@ -1,5 +1,5 @@
/**
* @name Checkout of untrusted code in a priviledged context
* @name Checkout of untrusted code in a privileged context
* @description Privileged workflows have read/write access to the base repository and access to secrets.
* By explicitly checking out and running the build script from a fork the untrusted code is running in an environment
* that is able to push to the base repository and to access secrets.