command injection and hardcoded secret #97

Workflow file for this run

	name: Polaris SAST/SCA CICD Scan
	on:
	push:
	branches: [main, master, develop, stage, release]
	pull_request:
	branches: [main, master, develop, stage, release]
	workflow_dispatch:
	#on:
	# schedule:
	# - cron: '0 9 * * *'

	jobs:
	build:
	runs-on: [ubuntu-latest]
	steps:
	- name: Checkout Source
	uses: actions/checkout@v4
	# For compiled languages, uncomment and configure the build setup step below:
	# - name: Setup Java JDK
	# uses: actions/setup-java@v4
	# with:
	# java-version: 21
	# distribution: temurin
	# cache: maven
	- name: Polaris Scan
	uses: blackduck-inc/black-duck-security-scan@v2
	with:
	### SCANNING: Required fields
	polaris_server_url: ${{ secrets.POLARIS_SERVER_URL }}
	polaris_access_token: ${{ secrets.POLARIS_ACCESS_TOKEN }}
	polaris_assessment_types: "SAST"
	#polaris_assessment_types: "SCA,SAST"
	#polaris_test_sca_type: "SCA-SIGNATURE,SCA-PACKAGE"
	polaris.test.sast.location: "remote"

	### SCANNING OPTIONAL
	polaris_application_name: 'susantoblackduck'
	polaris_project_name: 'PythonProjects'
	#polaris_branch_name: 'main'

	### SCANNING OPTIONAL: Pull Request comments
	polaris_prComment_enabled: true
	github_token: ${{ secrets.GITHUB_TOKEN }} # Required when Pull Request comments field enabled

	### ENABLE OPTIONAL SCAN REPORTS
	polaris_reports_sarif_create: true
	polaris_upload_sarif_report: true

	### COVERITY BUILD COMMANDS (uncomment and configure for compiled languages)
	# coverity_build_command: mvn -B -DskipTests package
	# coverity_clean_command: mvn -B clean

	## OPTIONAL DIAGNOSTICS: Upload logs as build artifact if true
	include_diagnostics: false

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

command injection and hardcoded secret #97

Workflow file

command injection and hardcoded secret #97

Uh oh!

Workflow file for this run