Merge pull request #51 from AikidoSec/fix/use-correct-startsWith

Fix: use correct startsWith function on string
AikidoSec · May 10, 2024 · 47d83db · 47d83db
2 parents cab786f + 8070af2
commit 47d83db
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -21,7 +21,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Detect new vulnerabilities
-        uses: AikidoSec/[email protected].12
+        uses: AikidoSec/[email protected].13
         with:
             secret-key: ${{ secrets.AIKIDO_SECRET_KEY }}
             fail-on-timeout: true

diff --git a/dist/index.js b/dist/index.js
@@ -189,7 +189,7 @@ async function run() {
             core.info(`starting a scan with secret key: "${redactedToken}"`);
         }
         else {
-            const isLikelyDependabotPr = ((_8 = startScanPayload.branch_name) !== null && _8 !== void 0 ? _8 : '').starts_with('dependabot/');
+            const isLikelyDependabotPr = ((_8 = startScanPayload.branch_name) !== null && _8 !== void 0 ? _8 : '').startsWith('dependabot/');
             if (isLikelyDependabotPr) {
                 core.info(`it looks like the action is running on a dependabot PR, this means that secret variables are not available in this context and thus we can not start a scan. Please see: https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/`);
                 core.setOutput('outcome', STATUS_SUCCEEDED);

diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/main.ts b/src/main.ts
@@ -75,7 +75,7 @@ async function run(): Promise<void> {
 			const redactedToken = '********************' + secretKey.slice(-4);
 			core.info(`starting a scan with secret key: "${redactedToken}"`);
 		} else {
-			const isLikelyDependabotPr = (startScanPayload.branch_name ?? '').starts_with('dependabot/')
+			const isLikelyDependabotPr = (startScanPayload.branch_name ?? '').startsWith('dependabot/')
 			if (isLikelyDependabotPr) {
 				core.info(`it looks like the action is running on a dependabot PR, this means that secret variables are not available in this context and thus we can not start a scan. Please see: https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/`);
 				core.setOutput('outcome', STATUS_SUCCEEDED);