Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 Add nil check before accessing a step's uses value. #2935

Merged
merged 1 commit into from
May 2, 2023
Merged

🐛 Add nil check before accessing a step's uses value. #2935

merged 1 commit into from
May 2, 2023

Conversation

spencerschrock
Copy link
Contributor

What kind of change does this PR introduce?

bug fix

What is the current behavior?

A workflow step with env or with set, but without a uses field causes the SAST check to panic.
https://github.com/nl-design-system/denhaag/blob/329158ae47a4bfafb424741b2699f8c254ffd671/.github/workflows/cicd.yml#L103-L112

What is the new behavior (if this is a feature change)?**

We check for nil pointers before deref

  • Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

NONE

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

NONE

@spencerschrock
Add nil check before accessing a step's uses value.
4eef88c 
Signed-off-by: Spencer Schrock <sschrock@google.com>
@spencerschrock spencerschrock temporarily deployed to integration-test May 2, 2023 17:51 — with GitHub Actions Inactive
@codecov
Copy link

codecov bot commented May 2, 2023
edited

Codecov Report

Merging #2935 (4eef88c) into main (72e6977) will increase coverage by 1.86%.
The diff coverage is 0.00%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2935      +/-   ##
==========================================
+ Coverage   52.67%   54.54%   +1.86%     
==========================================
  Files         158      158              
  Lines       12066    12066              
==========================================
+ Hits         6356     6581     +225     
+ Misses       5339     5104     -235     
- Partials      371      381      +10

@spencerschrock spencerschrock merged commit 700faf1 into ossf:main May 2, 2023
@spencerschrock spencerschrock deleted the fix/sast-panic branch May 2, 2023 18:32
raghavkaul pushed a commit to raghavkaul/scorecard that referenced this pull request May 3, 2023
@spencerschrock @raghavkaul
🐛 Add nil check before accessing a step's uses value. (ossf#2935)
1cd4063 
Signed-off-by: Spencer Schrock <sschrock@google.com>
balteravishay pushed a commit to balteravishay/scorecard that referenced this pull request May 29, 2023
@spencerschrock @balteravishay
🐛 Add nil check before accessing a step's uses value. (ossf#2935)
63616e4 
Signed-off-by: Spencer Schrock <sschrock@google.com>
Signed-off-by: Avishay <avishay.balter@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@naveensrinivasan naveensrinivasan naveensrinivasan approved these changes

@azeemshaikh38 azeemshaikh38 Awaiting requested review from azeemshaikh38

@justaugustus justaugustus Awaiting requested review from justaugustus

@laurentsimon laurentsimon Awaiting requested review from laurentsimon

@raghavkaul raghavkaul Awaiting requested review from raghavkaul

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@spencerschrock @naveensrinivasan