New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @actions/core from 1.10.1 to 1.11.1 #36

Merged

2lambda123 merged 1 commit into master from snyk-upgrade-452febb700633559f113cc053918440d

Oct 29, 2024

Merged

[Snyk] Upgrade @actions/core from 1.10.1 to 1.11.1 #36

fix: upgrade @actions/core from 1.10.1 to 1.11.1

NShiftKey / NShiftKey - code security check required action Oct 29, 2024 in 5m 7s

Summary

2 security issue(s)
- High : 0
- Medium : 2
- Low : 0

Details

NShiftKey

Use of vulnerable crypto algorithm
- Description : If the MD5 hash function with low security is used, it is vulnerable because the attacker can decrypt it.
- Countermeasure : Use secure encryption algorithm. See link below for details. https://naver-security.github.io/nshiftkey-rule-guides/Weak_Hash_used_-_MD5_eng
  - Target Code : actions-stale/dist/index.js [view change history] [ignore this]
    https://github.com/2lambda123/actions-stale/blob/932bdea0fa62e2f868326c2ec3dbf8e1bba6fd19/dist/index.js#L59515-L59517
  - Target Code : actions-stale/dist/index.js [view change history] [ignore this]
    https://github.com/2lambda123/actions-stale/blob/932bdea0fa62e2f868326c2ec3dbf8e1bba6fd19/dist/index.js#L59658-L59660

View more details on NShiftKey