Skip to content

testing commit signing

Sign in for the full log view
GitHub Actions / actionlint failed Feb 15, 2024 in 1s

reviewdog [actionlint] report

reported by reviewdog 🐶

Findings (2)

.github/workflows/dependency-updates.yml|35 col 9| shellcheck reported issue in this script: SC2086:info:1:62: Double quote to prevent globbing and word splitting [shellcheck]
.github/workflows/dependency-updates.yml|35 col 33| "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details [expression]

Filtered Findings (2)

.github/workflows/sonar-scan.yml|94 col 9| shellcheck reported issue in this script: SC2185:info:5:41: Some finds don't have a default path. Specify '.' explicitly [shellcheck]
.github/workflows/sonar-scan.yml|94 col 9| shellcheck reported issue in this script: SC2086:info:5:99: Double quote to prevent globbing and word splitting [shellcheck]

Annotations

Check failure on line 35 in .github/workflows/dependency-updates.yml

See this annotation in the file changed.

@github-actions github-actions / actionlint

[actionlint] .github/workflows/dependency-updates.yml#L35 

shellcheck reported issue in this script: SC2086:info:1:62: Double quote to prevent globbing and word splitting [shellcheck]
Raw output 
.github/workflows/dependency-updates.yml:35:9: shellcheck reported issue in this script: SC2086:info:1:62: Double quote to prevent globbing and word splitting [shellcheck]

Check failure on line 35 in .github/workflows/dependency-updates.yml

See this annotation in the file changed.

@github-actions github-actions / actionlint

[actionlint] .github/workflows/dependency-updates.yml#L35 

"github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details [expression]
Raw output 
.github/workflows/dependency-updates.yml:35:33: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions for more details [expression]
View more details on GitHub Actions