ci: exclude internal/librariangen/** using dorny/paths-filter #3961
19 new alerts including 19 medium severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 19 medium
See annotations below for details.
Annotations
Check warning on line 20 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 75 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 110 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 146 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 194 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 243 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 259 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 276 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 334 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 406 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 438 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 457 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 482 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 498 in .github/workflows/ci.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 30 in .github/workflows/dependency_compatibility_test.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 32 in .github/workflows/java_compatibility_check.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 60 in .github/workflows/java_compatibility_check.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 21 in .github/workflows/sonar.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
Check warning on line 93 in .github/workflows/sonar.yaml
github-advanced-security / CodeQL
Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}