mirror of
https://github.com/zizmorcore/zizmor.git
synced 2025-12-23 08:47:33 +00:00
chore(tests): add testcases for #742 (#1134)
Some checks failed
Benchmark baseline / Continuous Benchmarking with Bencher (push) Has been cancelled
CI / Lint (push) Has been cancelled
CI / Test (push) Has been cancelled
CI / Test site build (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (manylinux) (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (musllinux) (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build Windows wheels (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build macOS wheels (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build source distribution (push) Has been cancelled
Deploy zizmor documentation site 🌐 / Deploy zizmor documentation to GitHub Pages 🌐 (push) Has been cancelled
GitHub Actions Security Analysis with zizmor 🌈 / Run zizmor 🌈 (push) Has been cancelled
CI / All tests pass (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Release (push) Has been cancelled
Some checks failed
Benchmark baseline / Continuous Benchmarking with Bencher (push) Has been cancelled
CI / Lint (push) Has been cancelled
CI / Test (push) Has been cancelled
CI / Test site build (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (manylinux) (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build Linux wheels (musllinux) (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build Windows wheels (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build macOS wheels (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Build source distribution (push) Has been cancelled
Deploy zizmor documentation site 🌐 / Deploy zizmor documentation to GitHub Pages 🌐 (push) Has been cancelled
GitHub Actions Security Analysis with zizmor 🌈 / Run zizmor 🌈 (push) Has been cancelled
CI / All tests pass (push) Has been cancelled
zizmor wheel builds for PyPI 🐍 / Release (push) Has been cancelled
This commit is contained in:
William Woodruff
GitHub
parent
6733f23fb4
commit
7636eca468
2 changed files with 85 additions and 2 deletions
|
|
@ -1,8 +1,39 @@
|
|||
---
|
||||
source: crates/zizmor/tests/integration/snapshot.rs
|
||||
expression: "zizmor().input(input_under_test(\"unsound-condition.yml\")).run()?"
|
||||
snapshot_kind: text
|
||||
---
|
||||
help[obfuscation]: obfuscated usage of GitHub Actions features
|
||||
--> @@INPUT@@:68:25
|
||||
|
|
||||
68 | if: true && ${{ false }}
|
||||
| ----- help: can be replaced by its static evaluation
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
help[obfuscation]: obfuscated usage of GitHub Actions features
|
||||
--> @@INPUT@@:73:17
|
||||
|
|
||||
73 | if: ${{ false }} && true
|
||||
| ----- help: can be replaced by its static evaluation
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
help[obfuscation]: obfuscated usage of GitHub Actions features
|
||||
--> @@INPUT@@:78:17
|
||||
|
|
||||
78 | if: ${{ false }} lol
|
||||
| ----- help: can be replaced by its static evaluation
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
help[obfuscation]: obfuscated usage of GitHub Actions features
|
||||
--> @@INPUT@@:83:21
|
||||
|
|
||||
83 | if: lol ${{ false }}
|
||||
| ----- help: can be replaced by its static evaluation
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
error[unsound-condition]: unsound conditional expression
|
||||
--> @@INPUT@@:27:9
|
||||
|
|
||||
|
|
@ -32,4 +63,36 @@ error[unsound-condition]: unsound conditional expression
|
|||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
3 findings: 0 unknown, 0 informational, 0 low, 0 medium, 3 high
|
||||
error[unsound-condition]: unsound conditional expression
|
||||
--> @@INPUT@@:68:9
|
||||
|
|
||||
68 | if: true && ${{ false }}
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^ condition always evaluates to true
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
error[unsound-condition]: unsound conditional expression
|
||||
--> @@INPUT@@:73:9
|
||||
|
|
||||
73 | if: ${{ false }} && true
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^ condition always evaluates to true
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
error[unsound-condition]: unsound conditional expression
|
||||
--> @@INPUT@@:78:9
|
||||
|
|
||||
78 | if: ${{ false }} lol
|
||||
| ^^^^^^^^^^^^^^^^^^^^ condition always evaluates to true
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
error[unsound-condition]: unsound conditional expression
|
||||
--> @@INPUT@@:83:9
|
||||
|
|
||||
83 | if: lol ${{ false }}
|
||||
| ^^^^^^^^^^^^^^^^^^^^ condition always evaluates to true
|
||||
|
|
||||
= note: audit confidence → High
|
||||
|
||||
11 findings: 0 unknown, 0 informational, 4 low, 0 medium, 7 high
|
||||
|
|
|
|||
|
|
@ -62,3 +62,23 @@ jobs:
|
|||
&& other.context
|
||||
}}
|
||||
run: echo not ok
|
||||
|
||||
- name: 10-not-ok
|
||||
# NOT OK: evaluates to true because of stringification
|
||||
if: true && ${{ false }}
|
||||
run: echo not ok
|
||||
|
||||
- name: 11-not-ok
|
||||
# NOT OK: evaluates to true because of stringification
|
||||
if: ${{ false }} && true
|
||||
run: echo not ok
|
||||
|
||||
- name: 12-not-ok
|
||||
# NOT OK: evaluates to true because of stringification
|
||||
if: ${{ false }} lol
|
||||
run: echo not ok
|
||||
|
||||
- name: 13-not-ok
|
||||
# NOT OK: evaluates to true because of stringification
|
||||
if: lol ${{ false }}
|
||||
run: echo not ok
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue