Skip to content
This repository has been archived by the owner on Mar 17, 2021. It is now read-only.

security: SONAR_TOKEN is exposed publicly #640

Open
ohbus opened this issue Feb 5, 2021 · 0 comments
Open

security: SONAR_TOKEN is exposed publicly #640

ohbus opened this issue Feb 5, 2021 · 0 comments
Labels
bug Something isn't working

Comments

@ohbus
Copy link
Contributor

ohbus commented Feb 5, 2021

The GitHub Actions Antenna Build has a security vulnerability which can be exploited to run scans for the project provided the pom has been been configured for the same.

I would request you to add this to the secrets.
@ohbus ohbus added the bug Something isn't working label Feb 5, 2021
@ohbus ohbus mentioned this issue Feb 5, 2021
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Make SONAR_TOKEN as a secret
1 participant
@ohbus