+* Moved the trigger `issueComment` in the actions/untrusted-checkout-high (CWE-829) and actions/untrusted-checkout-critical (CWE-829) queries to separate queries (actions/untrusted-checkout-issue-comment-high and actions/untrusted-checkout-issue-comment-critical) because while they are vulnerable to the same attack, they do not have the same resolution. Further work is needed to make this trigger safer to use.
0 commit comments