| .. |
|
Dockerfile-aws-file
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
|
2021-06-23 14:09:47 +00:00 |
|
Dockerfile-comments
|
✨ rename Frozen-Deps to Pinned-Dependencies (#765)
|
2021-07-27 16:32:24 -07:00 |
|
Dockerfile-curl-file-sh
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
|
2021-06-23 14:09:47 +00:00 |
|
Dockerfile-curl-sh
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
|
2021-06-23 14:09:47 +00:00 |
|
Dockerfile-empty
|
✨ rename Frozen-Deps to Pinned-Dependencies (#765)
|
2021-07-27 16:32:24 -07:00 |
|
Dockerfile-gsutil-file
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
|
2021-06-23 14:09:47 +00:00 |
|
Dockerfile-invalid
|
✨ Add check for Docker dependency pinning by hash (#469)
|
2021-05-19 09:46:39 -07:00 |
|
Dockerfile-no-curl-sh
|
✨ change message to make it more easier for user (#1003)
|
2021-09-13 07:33:40 -07:00 |
|
Dockerfile-not-pinned
|
✨ Add check for Docker dependency pinning by hash (#469)
|
2021-05-19 09:46:39 -07:00 |
|
Dockerfile-not-pinned-as
|
✨ [migration to score] 3: branch protection, frozen-deps, token permissions (#719)
|
2021-07-21 09:21:43 -07:00 |
|
Dockerfile-pinned
|
ignore scratch frm dockerfile imports
|
2021-05-20 13:23:27 -05:00 |
|
Dockerfile-pinned-as
|
ignore scratch frm dockerfile imports
|
2021-05-20 13:23:27 -05:00 |
|
Dockerfile-pinned-as-without-hash
|
✨ change message to make it more easier for user (#1003)
|
2021-09-13 07:33:40 -07:00 |
|
Dockerfile-pinned-without-hash
|
✨ change message to make it more easier for user (#1003)
|
2021-09-13 07:33:40 -07:00 |
|
Dockerfile-pkg-managers
|
Detect unverified installs of npm packages (#1043)
|
2021-09-30 19:40:04 +00:00 |
|
Dockerfile-proc-subs
|
✨ cleanup Frozen-Deps MakeResultAnd (#742)
|
2021-07-26 22:02:46 +00:00 |
|
Dockerfile-script-ok
|
✨ Check: detect downloads of scripts/binaries in docker's RUN (#584)
|
2021-06-21 18:45:15 +00:00 |
|
Dockerfile-some-python
|
✨ cleanup Frozen-Deps MakeResultAnd (#742)
|
2021-07-26 22:02:46 +00:00 |
|
Dockerfile-wget-bin-sh
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
|
2021-06-23 14:09:47 +00:00 |
|
Dockerfile-wget-file
|
✨ Support bash -c "CMD" for docker RUN downloads-then-exec (#600)
|
2021-06-23 14:09:47 +00:00 |
|
github-workflow-comments.yaml
|
Parsing GitHub Workflows should only happen on yaml files
|
2021-09-06 10:51:33 -05:00 |
|
github-workflow-curl-default.yaml
|
Parsing GitHub Workflows should only happen on yaml files
|
2021-09-06 10:51:33 -05:00 |
|
github-workflow-curl-no-default.yaml
|
Parsing GitHub Workflows should only happen on yaml files
|
2021-09-06 10:51:33 -05:00 |
|
github-workflow-dangerous-pattern-default-checkout.yml
|
✨ Add dangerous workflow check with untrusted code checkout pattern (#1168)
|
2021-11-15 20:18:10 +00:00 |
|
github-workflow-dangerous-pattern-safe-trigger.yml
|
✨ Add dangerous workflow check with untrusted code checkout pattern (#1168)
|
2021-11-15 20:18:10 +00:00 |
|
github-workflow-dangerous-pattern-trusted-checkout.yml
|
🐛 fix dangerous workflow test and workflow parsing (#1283)
|
2021-11-20 00:16:02 +00:00 |
|
github-workflow-dangerous-pattern-untrusted-checkout.yml
|
✨ Add dangerous workflow check with untrusted code checkout pattern (#1168)
|
2021-11-15 20:18:10 +00:00 |
|
github-workflow-empty.yaml
|
Parsing GitHub Workflows should only happen on yaml files
|
2021-09-06 10:51:33 -05:00 |
|
github-workflow-matrix-expression.yaml
|
🐛 Fixing parsing for Github workflow when matrix is an expression
|
2021-10-25 17:36:37 -05:00 |
|
github-workflow-multiple-unpinned-uses.yaml
|
Using library to parse github workflows
|
2021-11-08 17:00:40 -06:00 |
|
github-workflow-permissions-absent.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-permissions-actions.yaml
|
✨ Make Token-Permission check more granular (#773)
|
2021-07-30 00:13:01 +00:00 |
|
github-workflow-permissions-contents.yaml
|
✨ Make Token-Permission check more granular (#773)
|
2021-07-30 00:13:01 +00:00 |
|
github-workflow-permissions-none.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-permissions-nones.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-permissions-packages-writes.yaml
|
✨ Reduce false positives in Token-Permissions for contents permission (#1253)
|
2021-11-16 03:03:54 +00:00 |
|
github-workflow-permissions-packages.yaml
|
✨ Make Token-Permission check more granular (#773)
|
2021-07-30 00:13:01 +00:00 |
|
github-workflow-permissions-readall.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-permissions-reads.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-permissions-release-writes.yaml
|
✨ Reduce false positives in Token-Permissions for contents permission (#1253)
|
2021-11-16 03:03:54 +00:00 |
|
github-workflow-permissions-run-codeql-write.yaml
|
✨ Improve token permission check (#800)
|
2021-08-03 00:56:45 +00:00 |
|
github-workflow-permissions-run-no-codeql-write.yaml
|
✨ Improve token permission check (#800)
|
2021-08-03 00:56:45 +00:00 |
|
github-workflow-permissions-run-package-workflow-write.yaml
|
✨ Improve token permission check (#800)
|
2021-08-03 00:56:45 +00:00 |
|
github-workflow-permissions-run-package-write.yaml
|
✨ Improve token permission check (#800)
|
2021-08-03 00:56:45 +00:00 |
|
github-workflow-permissions-run-writes-2.yaml
|
✨ Improve token permission check (#800)
|
2021-08-03 00:56:45 +00:00 |
|
github-workflow-permissions-run-writes.yaml
|
✨ Improve token permission check (#800)
|
2021-08-03 00:56:45 +00:00 |
|
github-workflow-permissions-secevent-deployments.yaml
|
✨ Make Token-Permission check more granular (#773)
|
2021-07-30 00:13:01 +00:00 |
|
github-workflow-permissions-status-checks.yaml
|
✨ Make Token-Permission check more granular (#773)
|
2021-07-30 00:13:01 +00:00 |
|
github-workflow-permissions-writeall.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-permissions-writes.yaml
|
✨ check for read-only permissions of github token (#534)
|
2021-06-03 16:30:37 -07:00 |
|
github-workflow-pkg-managers.yaml
|
Detect unverified installs of npm packages (#1043)
|
2021-09-30 19:40:04 +00:00 |
|
github-workflow-shells-all-windows-bash.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-all-windows-matrix-include-empty.yaml
|
Get OSes from matrix.include if present (#1323)
|
2021-11-22 15:40:17 +00:00 |
|
github-workflow-shells-all-windows-matrix-include.yaml
|
Get OSes from matrix.include if present (#1323)
|
2021-11-22 15:40:17 +00:00 |
|
github-workflow-shells-all-windows-matrix.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-all-windows.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-default-macos.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-default-ubuntu.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-default-windows.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-runner-windows-ubuntu.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-specified-job-step.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-specified-job-windows.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-specified-job.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-speficied-step.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-two-shells.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-shells-windows-bash.yaml
|
🐛 Github workflow steps run on Windows should default to pwsh as its shell (#877)
|
2021-09-07 09:09:20 -07:00 |
|
github-workflow-wget-across-steps.yaml
|
Parsing GitHub Workflows should only happen on yaml files
|
2021-09-06 10:51:33 -05:00 |
|
script-bash
|
✨ Check for shell script's insecure download (#606)
|
2021-06-24 17:24:14 +00:00 |
|
script-comments.sh
|
✨ rename Frozen-Deps to Pinned-Dependencies (#765)
|
2021-07-27 16:32:24 -07:00 |
|
script-empty.sh
|
✨ rename Frozen-Deps to Pinned-Dependencies (#765)
|
2021-07-27 16:32:24 -07:00 |
|
script-free-from-download.sh
|
✨ change message to make it more easier for user (#1003)
|
2021-09-13 07:33:40 -07:00 |
|
script-pkg-managers
|
Detect unverified installs of npm packages (#1043)
|
2021-09-30 19:40:04 +00:00 |
|
script-sh
|
✨ Check for shell script's insecure download (#606)
|
2021-06-24 17:24:14 +00:00 |
|
script.sh
|
✨ Check for shell script's insecure download (#606)
|
2021-06-24 17:24:14 +00:00 |
|
shell_file_awk_shebang.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_bash_shebang1.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_bash_shebang2.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_bash_shebang3.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_mksh_shebang.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_no_shebang.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_sh_shebang.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
shell_file_zsh_shebang.sh
|
🐛 Only validate shell scripts supported by our parser (#862)
|
2021-08-19 08:18:45 -07:00 |
|
workflow-mix-github-and-non-github-not-pinned.yaml
|
✨ Give low importance to github-owned actions (#802) (#906)
|
2021-09-09 12:16:31 -07:00 |
|
workflow-mix-github-and-non-github-pinned.yaml
|
✨ Give low importance to github-owned actions (#802) (#906)
|
2021-09-09 12:16:31 -07:00 |
|
workflow-mix-pinned-and-non-pinned-github.yaml
|
✨ Give low importance to github-owned actions (#802) (#906)
|
2021-09-09 12:16:31 -07:00 |
|
workflow-mix-pinned-and-non-pinned-non-github.yaml
|
✨ Give low importance to github-owned actions (#802) (#906)
|
2021-09-09 12:16:31 -07:00 |
|
workflow-non-github-pinned.yaml
|
✨ Give low importance to github-owned actions (#802) (#906)
|
2021-09-09 12:16:31 -07:00 |
|
workflow-not-pinned.yaml
|
✨ Add checks for workflow action pinning (#466)
|
2021-05-17 13:03:39 -07:00 |
|
workflow-pinned.yaml
|
✨ Add checks for workflow action pinning (#466)
|
2021-05-17 13:03:39 -07:00 |
