Canlin Guo

Results 25 issues of Canlin Guo

Hi. Here are some fixes/changes in workflows. Lack of explicit permission settings may allow a malicious PR to inject malicious code through write permissions in actions. Adding read-only permissions at...

PLEASE FILL IN THE PR DESCRIPTION HERE ENSURING ALL CHECKLIST ITEMS (AT THE BOTTOM) HAVE BEEN CONSIDERED. ## Purpose ## Test Plan ## Test Result --- Essential Elements of an...

PLEASE FILL IN THE PR DESCRIPTION HERE ENSURING ALL CHECKLIST ITEMS (AT THE BOTTOM) HAVE BEEN CONSIDERED. ## Purpose ## Test Plan ## Test Result --- Essential Elements of an...

### Checklist - [x] I read the [Contribution Guidelines](https://github.com/openid/AppAuth-Android/blob/master/CONTRIBUTING.md) - [x] I signed the CLA and WG Agreements - [x] I ran, updated and added unit tests as necessary. -...

Hi! This PR enhances the CI/CD workflow by applying minimal required permissions for improved security and reliability.

Thanks for submitting a PR! Please read these instructions carefully: - [x] Explain the **motivation** for making this change. - [x] Provide a **test plan** demonstrating that the code is...

I noticed that Scorecard reports a `Dangerous-Workflow` warning when untrusted inputs like `${github.head_ref}` are used in [Python scripts](https://github.com/robotframework/robotframework/blob/master/.github/workflows/acceptance_tests_cpython.yml#L124), even when they are safely passed to `subprocess.check_call(["cmd", variable])` using a list....

Stale

## Description Currently, the **Vulnerability check** in Scorecard relies on `osv-scanner` to detect known vulnerabilities. The scoring logic is: - The fewer unpatched vulnerabilities, the higher the score. - Projects...

PLEASE FILL IN THE PR DESCRIPTION HERE ENSURING ALL CHECKLIST ITEMS (AT THE BOTTOM) HAVE BEEN CONSIDERED. ## Purpose There already exists one `_decode_and_store_request_payloads` in `execute_model`. Remove the one in...

ready

### Motivation. Currently (#231), the NPU CI is triggered for every PR. When the CI breaks, developers who do not have access to NPU hardware may find it difficult to debug...