You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Checking out a version tag allows upstream attacks where the repo can be modified to contain malicious code and update the tags. We will checkout the version tag containing the malicious code and build a vulnerably Docker image.
Specifying the commit hash acts as a checksum, so if the upstream repo is modified, we won't checkout the new malicious code.
The text was updated successfully, but these errors were encountered:
Checking out a version tag allows upstream attacks where the repo can be modified to contain malicious code and update the tags. We will checkout the version tag containing the malicious code and build a vulnerably Docker image.
Specifying the commit hash acts as a checksum, so if the upstream repo is modified, we won't checkout the new malicious code.
The text was updated successfully, but these errors were encountered: