Check for exposed GitLab CI configuration file #234

Merged Nov 4, 2024 (1 commit)

@mestizo (Contributor) commented Oct 31, 2024

A BCheck to check for exposed GitLab CI YAML configuration files

  • BCheck compiles and executes as expected
  • BCheck contains appropriate metadata (name, version, author, description and appropriate tags)
  • Only .bcheck files have been added or modified
  • BCheck is in the appropriate folder
  • PR contains single or limited number of BChecks (Multiple PRs are preferred)
  • BCheck attempts to minimize false positives

@Michelle-PortSwigger (Contributor)

Looks good :)
If you wanted to make further improvements to reduce false positives, you could include the status code in your check as well as looking for the word "stage".
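
The false-positive reduction suggested in the comment above, as an added example that is not part of this pull request or of the merged BCheck: it compares matching on the word "stage" alone with also requiring a 200 status code. The `strict` variant, its content-type test and the sample responses are assumptions constructed for illustration.

```python
import re

# Assumption: a YAML key line such as "stages:" or "  stage: build".
STAGE_KEY = re.compile(r"^[ \t]*stages?[ \t]*:", re.MULTILINE)

def keyword_only(body: str) -> bool:
    """Match on the word "stage" anywhere in the response body."""
    return "stage" in body

def keyword_and_status(status: int, body: str) -> bool:
    """The reviewer's suggestion: also require a 200 status code."""
    return status == 200 and "stage" in body

def strict(status: int, content_type: str, body: str) -> bool:
    """Added assumption: reject HTML and require "stage" as a YAML key."""
    if status != 200 or "html" in content_type.lower():
        return False
    return STAGE_KEY.search(body) is not None

# Constructed sample responses: (label, status, content type, body).
SAMPLES = [
    ("exposed file", 200, "text/plain",
     "stages:\n  - build\n  - test\n\nbuild-job:\n  stage: build\n"
     "  script:\n    - make\n"),
    ("custom 404 page", 404, "text/html",
     "<html><body>Not found. Return to the first stage.</body></html>"),
    ("soft 404 (200 status)", 200, "text/html",
     "<html><body>Page missing at this stage.</body></html>"),
]

def evaluate():
    """Return {label: (keyword_only, keyword_and_status, strict)}."""
    return {
        label: (keyword_only(body), keyword_and_status(status, body),
                strict(status, ctype, body))
        for label, status, ctype, body in SAMPLES
    }

if __name__ == "__main__":
    for label, verdicts in evaluate().items():
        print(f"{label:24} {verdicts}")
```

The status code removes the match on the 404 error page, while an error page served with a 200 status still matches until the body is checked for YAML structure.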

@PortSwiggerWiener (Collaborator) left a comment

Many thanks for your submission.

Looks good. 👍

@PortSwiggerWiener merged commit 2ee5cb7 into PortSwigger:main Nov 4, 2024
2 checks passed