Add authorization arg specifier #497

Merged
merged 1 commit into from
Jan 5, 2021

@vlasy (Contributor) commented Dec 18, 2020

Description

The argument type flag was missing. Therefore, the secret token was considered an input path to scan.

Related: #486

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • I have updated the documentation accordingly.
  • I have added new practice to practice list in README.md.
  • I have read the CONTRIBUTING document.
  • I haven't repeated the code. (DRY)
  • I have added tests to cover my changes.
  • All new and existing tests passed.

without it, the token was mistaken for a path to scan
@developerexperiencebot

DX Scanner Report DXScanner.io

https://github.com/DXHeroes/dx-scanner

⚠️ Improvements with medium impact

Solve Issues Continuously

Do not have open Issues for more than 60 days. Solve Issues continuously. https://hackernoon.com/45-github-issues-dos-and-donts-dfec9ab4b612

Update Dependencies of Minor and Patch Level

Keep the dependencies updated to eliminate security concerns and compatibility issues. Use, for example, npm-check-updates. https://dxkb.io/p/updating-the-dependencies

Library New Current Severity
@octokit/plugin-rest-endpoint-methods 4.4.1 4.2.1 moderate
simple-git 2.31.0 2.27.0 moderate
typescript 4.1.3 4.0.5 moderate

Impact changed from high to medium.

🔔 Improvements with minor impact

Update Dependencies of Major Level

Keep the dependencies updated to have all possible features. Use, for example, npm-check-updates. https://dxkb.io/p/updating-the-dependencies

Library New Current Severity
@types/node 14.14.14 12.19.9 low

Use a JS Logging Library

Use a logging library to avoid errors and even cyber attacks. The most widely used logging library in the JavaScript community is Winston. https://www.npmjs.com/package/winston/

🔧 These practices might be automatically fixed:

Update Dependencies of Minor and Patch Level


@mergify mergify bot merged commit 3131b24 into master Jan 5, 2021
@mergify mergify bot deleted the fix/github-action-token-arg branch January 5, 2021 06:32
@prokopsimek (Member)

🎉 This PR is included in version 3.48.4 🎉

The release is available on:

Your semantic-release bot 📦🚀
