Skip to content

chore(deps): bump the ghactions-all group with 3 updates #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mrz1836 merged 1 commit into from
Mar 30, 2026

chore(deps): bump the ghactions-all group with 3 updates

ba3b060
Select commit
Loading
Failed to load commit list.
Merged

chore(deps): bump the ghactions-all group with 3 updates #86

chore(deps): bump the ghactions-all group with 3 updates
ba3b060
Select commit
Loading
Failed to load commit list.
SonarQubeCloud / SonarCloud Code Analysis failed Mar 30, 2026 in 14s

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Annotations

Check failure on line 966 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtQ&open=AZ0_J8cjXaxBtXupAqtQ&pullRequest=86

Check failure on line 1030 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtY&open=AZ0_J8cjXaxBtXupAqtY&pullRequest=86

Check failure on line 903 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtO&open=AZ0_J8cjXaxBtXupAqtO&pullRequest=86

Check failure on line 968 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtS&open=AZ0_J8cjXaxBtXupAqtS&pullRequest=86

Check failure on line 2062 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.branch-name is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqth&open=AZ0_J8cjXaxBtXupAqth&pullRequest=86

Check failure on line 1580 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.branch-name is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtd&open=AZ0_J8cjXaxBtXupAqtd&pullRequest=86

Check failure on line 1975 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtg&open=AZ0_J8cjXaxBtXupAqtg&pullRequest=86

Check failure on line 240 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtA&open=AZ0_J8cjXaxBtXupAqtA&pullRequest=86

Check failure on line 902 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtN&open=AZ0_J8cjXaxBtXupAqtN&pullRequest=86

Check failure on line 2585 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtj&open=AZ0_J8cjXaxBtXupAqtj&pullRequest=86

Check failure on line 981 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtX&open=AZ0_J8cjXaxBtXupAqtX&pullRequest=86

Check failure on line 362 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.branch-name is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtG&open=AZ0_J8cjXaxBtXupAqtG&pullRequest=86

Check failure on line 305 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtF&open=AZ0_J8cjXaxBtXupAqtF&pullRequest=86

Check failure on line 969 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtT&open=AZ0_J8cjXaxBtXupAqtT&pullRequest=86

Check failure on line 971 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtV&open=AZ0_J8cjXaxBtXupAqtV&pullRequest=86

Check failure on line 245 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtB&open=AZ0_J8cjXaxBtXupAqtB&pullRequest=86

Check failure on line 295 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtE&open=AZ0_J8cjXaxBtXupAqtE&pullRequest=86

Check failure on line 1173 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.branch-name is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtc&open=AZ0_J8cjXaxBtXupAqtc&pullRequest=86

Check failure on line 1973 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.commit-sha is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtf&open=AZ0_J8cjXaxBtXupAqtf&pullRequest=86

Check failure on line 2584 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.branch-name is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqti&open=AZ0_J8cjXaxBtXupAqti&pullRequest=86

Check failure on line 628 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtJ&open=AZ0_J8cjXaxBtXupAqtJ&pullRequest=86

Check failure on line 629 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtK&open=AZ0_J8cjXaxBtXupAqtK&pullRequest=86

Check failure on line 1034 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtZ&open=AZ0_J8cjXaxBtXupAqtZ&pullRequest=86

Check failure on line 970 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.coverage-file is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtU&open=AZ0_J8cjXaxBtXupAqtU&pullRequest=86

Check failure on line 660 in .github/workflows/fortress-coverage.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.branch-name is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=bsv-blockchain_go-lockfree-queue&issues=AZ0_J8cjXaxBtXupAqtM&open=AZ0_J8cjXaxBtXupAqtM&pullRequest=86
View more details on SonarQubeCloud