Skip to content
Pull Request Checks

ci(workflows): use environment variables in scripts to prevent command injection #11065

Sign in to view logs

ci(workflows): use environment variables in scripts to prevent command injection

ci(workflows): use environment variables in scripts to prevent command injection #11065

Triggered via pull request May 22, 2025 09:09
@adrianschmidtadrianschmidt
opened #3564
fix-command-injection-vulnerability
Status Failure
Total duration 2m 58s
Artifacts

pr-checks.yml

on: pull_request
Lint
1m 0s
Lint
Build
2m 38s
Build
Test
2m 51s
Test
Block Autosquash Commits
12s
Block Autosquash Commits
Docs  /  Publish Docs
2m 30s
Docs / Publish Docs
Commitlint
12s
Commitlint
Docs  /  Post link to docs on PR
7s
Docs / Post link to docs on PR
automerge
0s
automerge
Fit to window
Zoom out
Zoom in

Annotations

2 errors
Lint
Process completed with exit code 1.
Lint: publish-docs.js#L385
Replace `shell.exec('git·commit·-m·"$COMMIT_MESSAGE"',·{env:·{...process.env,·COMMIT_MESSAGE:·message}}).code·!==·0` with `⏎········shell.exec('git·commit·-m·"$COMMIT_MESSAGE"',·{⏎············env:·{·...process.env,·COMMIT_MESSAGE:·message·},⏎········}).code·!==·0⏎····`