openvas-scanner icon indicating copy to clipboard operation
openvas-scanner copied to clipboard
verified publisher icon greenbone

Fix Add or Update detect-hidden-unicode.yml

Open greenbonebot opened this issue 2 months ago • 3 comments

greenbonebot avatar Nov 05 '25 12:11 greenbonebot

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA d170cfe859316cfad19528e322491e937d7b86f1.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/greenbone/actions/detect-hidden-unicode 3.*.* UnknownUnknown

Scanned Files

  • .github/workflows/detect-hidden-unicode.yml

github-actions[bot] avatar Nov 05 '25 12:11 github-actions[bot]

Nit: would it be possible to get an easier method to white-list files that are allowed to have hidden characters? We do quite a bit of wonky testing, as provide a NASL interpreter, so there is a possibility that we write will write a NASL test that contains a hidden character, which in return could be quite confusing to debug why it is failing with this action enabled.

nichtsfrei avatar Nov 06 '25 07:11 nichtsfrei

Scan: '.github/workflows/detect-hidden-unicode.yml'

Nothing detected in .github/workflows/detect-hidden-unicode.yml Scan took 0.00 seconds

greenbonebot avatar Dec 09 '25 14:12 greenbonebot