This repository was archived by the owner on Apr 27, 2024. It is now read-only.
This repository was archived by the owner on Apr 27, 2024. It is now read-only.
[Security] Workflow codequality.yml is using vulnerable action icrawl/action-eslint #215
Description
The workflow codequality.yml is referencing action icrawl/action-eslint using references v1. However this reference is missing the commit 6dc0a98684faaf68189ea27d07874b800c0a6725 which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.