Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: Rename "unsecure" to insecure #270

Merged
merged 2 commits into from
Dec 10, 2024
Merged

docs: Rename "unsecure" to insecure #270

merged 2 commits into from
Dec 10, 2024

Conversation

szepeviktor
Copy link
Contributor

Closes #269

woodruffw
woodruffw reviewed Dec 10, 2024
View reviewed changes
docs/audits.md Outdated
@@ -634,7 +634,7 @@ Workflow commands (like `::set-env` and `::add-path`)
to inject environment variables and therefore obtain code execution).

However, users can explicitly re-enable them by setting the
`ACTIONS_ALLOW_UNSECURE_COMMANDS` environment variable at the workflow,
`ACTIONS_ALLOW_INSECURE_COMMANDS` environment variable at the workflow,
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't change the environment variable anywhere, only the other uses of "unsecure" -- the envvar is GitHub's own misspelling, which we need to detect.

(Sorry, I didn't notice this in your search earlier.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay!

Done 🍏

We have 1×unsecure, I've added some "GitHub"-s.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

woodruffw
woodruffw approved these changes Dec 10, 2024
View reviewed changes
Copy link
Owner

@woodruffw woodruffw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you @szepeviktor!

@woodruffw woodruffw self-assigned this Dec 10, 2024
@woodruffw woodruffw added the documentation Improvements or additions to documentation label Dec 10, 2024
@woodruffw woodruffw changed the title Rename "unsecure" to insecure docs: Rename "unsecure" to insecure Dec 10, 2024
@woodruffw woodruffw merged commit 198fd0d into woodruffw:main Dec 10, 2024
19 checks passed
@szepeviktor
Copy link
Contributor Author

Glad to contribute.

@szepeviktor szepeviktor deleted the insecure-fix branch December 10, 2024 20:13
@BrewTestBot BrewTestBot mentioned this pull request Dec 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@woodruffw woodruffw woodruffw approved these changes

Assignees

@woodruffw woodruffw

Labels
documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG]: "Unsecure" is really insecure
2 participants
@szepeviktor @woodruffw