[sarif] reported by reviewdog 🐶 code injection via template expansion Raw Output: {"kind":"fail","level":"error","locations":[{"logicalLocations":[{"properties":{}}],"message":{"text":"may expand into attacker-controllable code"},"physicalLocation":{"artifactLocation":{"uri":".github/workflows/docker-build-and-push.yml"},"region":{"endColumn":50,"endLine":146,"snippet":{"text":"./${{ inputs.working-directory }}"},"sourceLanguage":"yaml","startColumn":26,"startLine":146}}}],"message":{"text":"code injection via template expansion"},"relatedLocations":[{"logicalLocations":[{"properties":{}}],"message":{"text":"action accepts arbitrary code"},"physicalLocation":{"artifactLocation":{"uri":".github/workflows/docker-build-and-push.yml"},"region":{"endColumn":80,"endLine":142,"snippet":{"text":" uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83"},"sourceLanguage":"yaml","startColumn":9,"startLine":142}}},{"logicalLocations":[{"properties":{}}],"message":{"text":"via this input"},"physicalLocation":{"artifactLocation":{"uri":".github/workflows/docker-build-and-push.yml"},"region":{"endColumn":18,"endLine":146,"snippet":{"text":"context"},"sourceLanguage":"yaml","startColumn":11,"startLine":146}}}],"ruleId":"zizmor/template-injection"}

[sarif] reported by reviewdog 🐶 code injection via template expansion Raw Output: {"kind":"fail","level":"error","locations":[{"logicalLocations":[{"properties":{}}],"message":{"text":"may expand into attacker-controllable code"},"physicalLocation":{"artifactLocation":{"uri":".github/workflows/docker-build-and-push.yml"},"region":{"endColumn":50,"endLine":132,"snippet":{"text":"./${{ inputs.working-directory }}"},"sourceLanguage":"yaml","startColumn":26,"startLine":132}}}],"message":{"text":"code injection via template expansion"},"relatedLocations":[{"logicalLocations":[{"properties":{}}],"message":{"text":"action accepts arbitrary code"},"physicalLocation":{"artifactLocation":{"uri":".github/workflows/docker-build-and-push.yml"},"region":{"endColumn":80,"endLine":127,"snippet":{"text":" uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83"},"sourceLanguage":"yaml","startColumn":9,"startLine":127}}},{"logicalLocations":[{"properties":{}}],"message":{"text":"via this input"},"physicalLocation":{"artifactLocation":{"uri":".github/workflows/docker-build-and-push.yml"},"region":{"endColumn":18,"endLine":132,"snippet":{"text":"context"},"sourceLanguage":"yaml","startColumn":11,"startLine":132}}}],"ruleId":"zizmor/template-injection"}

[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2129:style:2:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck] Raw Output: e:.github/workflows/terraform-ci.yml:176:9: shellcheck reported issue in this script: SC2129:style:2:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]

[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:4:15: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/terraform-ci.yml:176:9: shellcheck reported issue in this script: SC2086:info:4:15: Double quote to prevent globbing and word splitting [shellcheck]

[actionlint] reported by reviewdog 🐶 shellcheck reported issue in this script: SC2086:info:3:17: Double quote to prevent globbing and word splitting [shellcheck] Raw Output: i:.github/workflows/terraform-ci.yml:176:9: shellcheck reported issue in this script: SC2086:info:3:17: Double quote to prevent globbing and word splitting [shellcheck]