GitHub action to detect vulnerable regex in a commit.

meekdenzo/vrd

vrd

A GitHub action to detect vulnerable regex in a pull request.

Usage

Add the following to your workflow configuration:

...
      - name: Checkout repository
        uses: actions/checkout@v2
        with: 
          fetch-depth: '0'
          
      - name: Scan for redos
        uses: meekdenzo/vrd@v1.0.3
...

Note that fetch-depth: '0'

Example

Your full basic workflow should look something like this:

name: vuln-regex-detector
on: [workflow_dispatch]
jobs:
  build:
    name: Scan for redos
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v2
        with: 
          fetch-depth: '0'
 
      - name: Scan for redos
        uses: meekdenzo/vrd@v1.0.3
