Skip to content

Commit 88c36ab

Browse files
committed
actions: regenerate unpinned-tag test expected output
Adding the self_ref_dollar.yml fixture introduces one new step-adjacency edge in the shared CWE-829 test database, which the UntrustedCheckoutCritical query dumps under its edges relation. Regenerate the expected output to include it. No new security findings: the $/ self-references and the lockfile-pinned ref correctly produce no unpinned-tag results.
1 parent 5088f9f commit 88c36ab

1 file changed

Lines changed: 1 addition & 0 deletions

File tree

actions/ql/test/query-tests/Security/CWE-829/UntrustedCheckoutCritical.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -196,6 +196,7 @@ edges
196196
| .github/workflows/resolve-args.yml:20:9:22:6 | Uses Step | .github/actions/download-artifact/action.yaml:6:7:25:4 | Uses Step |
197197
| .github/workflows/resolve-args.yml:20:9:22:6 | Uses Step | .github/workflows/resolve-args.yml:22:9:36:13 | Run Step: resolve-step |
198198
| .github/workflows/reusable_local.yml:23:9:26:6 | Uses Step | .github/workflows/reusable_local.yml:26:9:29:7 | Run Step |
199+
| .github/workflows/self_ref_dollar.yml:11:7:15:4 | Uses Step | .github/workflows/self_ref_dollar.yml:15:7:15:29 | Uses Step |
199200
| .github/workflows/test1.yml:18:9:21:6 | Uses Step | .github/workflows/test1.yml:21:9:24:6 | Run Step |
200201
| .github/workflows/test1.yml:21:9:24:6 | Run Step | .github/workflows/test1.yml:24:9:25:39 | Run Step |
201202
| .github/workflows/test2.yml:13:9:16:6 | Uses Step | .github/workflows/test2.yml:16:9:20:52 | Uses Step |

0 commit comments

Comments
 (0)