Fix reviewdog/action-shellcheck security alert #491
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@johnboyes I understand you're very busy. But, could you review this PR please? 🙏 |
|
Hi @dev-yakuza, thanks for the PR. Apologies for the delay, I have had some unavoidable short-term full-time commitments this last month. I will be able to look at your PR next week, if not before.
This would be counter-intuitive if the case, so I will have to look into it carefully. |
|
@johnboyes Thank you for your reply. I appreciate the update and will wait for your review. 🙇 |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There is a security alert on this repository.
Security Alert
Cause
Normally,
reviewdog/action-shellcheck@v1means the latest ofv1, butreviewdog/action-shellcheckusesv1for the specific tag.So,
reviewdog/action-shellcheck@v1doesn't means the latest ofv1. It points to the oldest version ofv1.Solve
I think the latest version is required to solve this security alert.
Currently,
v1.30.0is latest.