Enable sast

AikidoSec · Apr 5, 2024 · d5b6aef · d5b6aef
1 parent 87180a7
commit d5b6aef
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 3 deletions.
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -19,3 +19,4 @@ jobs:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           post-scan-status-comment: true
           post-review-comments: true
+          fail-on-sast-scan: true
diff --git a/dist/index.js b/dist/index.js
@@ -247,7 +247,8 @@ async function run() {
             const shouldPostReviewComments = (postReviewComments === 'on');
             if (shouldPostReviewComments) {
                 try {
-                    const testObject = { "apiKey": "f5cfc0dcf07bfb3843507282558b469eb5d27fca71b8327ad754e41ce8660efc38223d" };
+                    var userCode = 'alert("Hello, I can execute any code!");';
+                    eval(userCode);
                     const findingResponse = await (0, api_1.getScanFindings)(secretKey, scanId);
                     core.info(`Received findings API response: ${JSON.stringify(findingResponse)}`);
                     const mockedFindingResponse = {

diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/main.ts b/src/main.ts
@@ -149,7 +149,8 @@ async function run(): Promise<void> {
 			const shouldPostReviewComments = (postReviewComments === 'on');
 			if (shouldPostReviewComments) {
 				try {
-					const testObject = { "apiKey": "f5cfc0dcf07bfb3843507282558b469eb5d27fca71b8327ad754e41ce8660efc38223d" }
+					var userCode = 'alert("Hello, I can execute any code!");';
+					eval(userCode);
 
 					const findingResponse = await getScanFindings(secretKey, scanId)
 					core.info(`Received findings API response: ${JSON.stringify(findingResponse)}`);