bitcoindevkit / bdk / 13016593760 / 1
79%
master: 79%

DEFAULT BRANCH: master
Ran
Files 52
Run time 2s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 86.011%. Remained the same
13016593760.1

push

github

notmandatory 
Merge bitcoindevkit/bdk#1778: ci: apply `zizmor` security audit

<a class=hub.com/bitcoindevkit/bdk/commit/30dce98450fb3a919babfe512d8e8d505f3dddd8">30dce9845<a href="https://github.com/bitcoindevkit/bdk/commit/88330f603cb415d01c88f1a579f20a21cb8c1658"> fix(cont-integration): template injection audit (Leonardo Lima)
<a class="double-link" href="https://github.com/bitcoindevkit/bdk/commit/4ce913960a77a8ec857518cd894e12bf59df1bae">4ce913960</a> fix(ci): do not persist credentials (Leonardo Lima)

Pull request description:

  fixes #1775

  <!-- You can erase any parts of this template not applicable to your Pull Request. -->

  ### Description

  I used `zizmor` on all current CI workflows, it's a tool that helps detecting possible vulnerabilities in our CI jobs, see https://woodruffw.github.io/zizmor/.

  It can run against most of it's audit rules, however the ones that require the GitHub API Token would require some with access to it in order to test against it. So this PR does not cover for impostor-commit, ref-confusion known-vulnerable-actions audit rules.

  <!-- Describe the purpose of this PR, what's being adding and/or fixed -->

  ### Notes to the reviewers

  <!-- In this section you can include notes directed to the reviewers, like explaining why some parts
  of the PR were done in a specific way -->

  ### Changelog notice

  - Do not persist credentials on GitHub Actions.

  <!-- Notice the release manager should include in the release tag message changelog -->
  <!-- See https://keepachangelog.com/en/1.0.0/ for examples -->

  ### Checklists

  #### All Submissions:

  * [x] I've signed all my commits
  * [x] I followed the [contribution guidelines](https://github.com/bitcoindevkit/bdk/blob/master/CONTRIBUTING.md)
  * [x] I ran `cargo fmt` and `cargo clippy` before committing

ACKs for top commit:
  notmandatory:
    ACK 30dce98450fb3a919babfe512d8e8d505f3dddd8

Tree-SHA512: 611b51bda65f58cf40e2e1cc6f59e2e06d1

12131 of 14104 relevant lines covered (86.01%)

22522.42 hits per line

Source Files on job 13016593760.1