@@ -685,6 +685,8 @@ nodes
685685| .github/workflows/workflow_call.yml:30:18:30:36 | inputs.title | semmle.label | inputs.title |
686686| .github/workflows/workflow_call.yml:35:18:35:36 | inputs.count | semmle.label | inputs.count |
687687| .github/workflows/workflow_call.yml:40:18:40:35 | inputs.flag | semmle.label | inputs.flag |
688+ | .github/workflows/workflow_call_and_dispatch.yml:34:18:34:36 | inputs.title | semmle.label | inputs.title |
689+ | .github/workflows/workflow_call_and_dispatch.yml:38:18:38:35 | inputs.body | semmle.label | inputs.body |
688690| .github/workflows/workflow_dispatch.yml:36:18:36:36 | inputs.title | semmle.label | inputs.title |
689691| .github/workflows/workflow_dispatch.yml:41:18:41:35 | inputs.body | semmle.label | inputs.body |
690692| .github/workflows/workflow_run.yml:9:19:9:64 | github.event.workflow_run.display_title | semmle.label | github.event.workflow_run.display_title |
@@ -759,6 +761,8 @@ subpaths
759761| .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test21.yml:22:35:22:73 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
760762| .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test21.yml:23:36:23:74 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
761763| .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/test21.yml:24:50:24:88 | github.event.head_commit.message | ${{ github.event.head_commit.message }} |
764+ | .github/workflows/workflow_call_and_dispatch.yml:34:18:34:36 | inputs.title | .github/workflows/workflow_call_and_dispatch.yml:34:18:34:36 | inputs.title | .github/workflows/workflow_call_and_dispatch.yml:34:18:34:36 | inputs.title | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_call_and_dispatch.yml:34:18:34:36 | inputs.title | ${{ inputs.title }} |
765+ | .github/workflows/workflow_call_and_dispatch.yml:38:18:38:35 | inputs.body | .github/workflows/workflow_call_and_dispatch.yml:38:18:38:35 | inputs.body | .github/workflows/workflow_call_and_dispatch.yml:38:18:38:35 | inputs.body | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_call_and_dispatch.yml:38:18:38:35 | inputs.body | ${{ inputs.body }} |
762766| .github/workflows/workflow_dispatch.yml:36:18:36:36 | inputs.title | .github/workflows/workflow_dispatch.yml:36:18:36:36 | inputs.title | .github/workflows/workflow_dispatch.yml:36:18:36:36 | inputs.title | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_dispatch.yml:36:18:36:36 | inputs.title | ${{ inputs.title }} |
763767| .github/workflows/workflow_dispatch.yml:41:18:41:35 | inputs.body | .github/workflows/workflow_dispatch.yml:41:18:41:35 | inputs.body | .github/workflows/workflow_dispatch.yml:41:18:41:35 | inputs.body | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_dispatch.yml:41:18:41:35 | inputs.body | ${{ inputs.body }} |
764768| .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | Potential code injection in $@, which may be controlled by an external user. | .github/workflows/workflow_run_branches1.yml:13:20:13:63 | github.event.workflow_run.head_branch | ${{ github.event.workflow_run.head_branch }} |
0 commit comments