Merge pull request #83 from MetaMask/release/2.0.6

2.0.6

Author: witmicko

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@metamask/action-security-code-scanner",
-  "version": "2.0.5",
+  "version": "2.0.6",
   "private": true,
   "description": "Security Code Scanner",
   "repository": {

packages/codeql-action/CHANGELOG.md

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [2.0.6]
+
+### Uncategorized
+
+- fix(codeql): prevent shell injection in debug steps and build command
+
 ## [2.0.5]
 
 ### Fixed
@@ -35,7 +41,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added multi language support
 - Updated CodeQL action to v4
 
-[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...HEAD
+[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.6...HEAD
+[2.0.6]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...v2.0.6
 [2.0.5]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.3...v2.0.5
 [2.0.3]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.1...v2.0.3
 [2.0.1]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.0...v2.0.1

packages/codeql-action/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@metamask/codeql-action",
-  "version": "2.0.5",
+  "version": "2.0.6",
   "private": true,
   "description": "Custom CodeQL analysis action",
   "keywords": [],

packages/semgrep-action/CHANGELOG.md

@@ -7,17 +7,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [2.0.5]
+## [2.0.6]
 
-### Fixed
+### Uncategorized
 
-- refactor: simplify Semgrep action by removing unnecessary file copy step
-- fix: update .semgrepignore to include .security-scanner directory
+- fix(semgrep): prevent shell injection by using environment variable for paths_ignored
+
+## [2.0.5]
 
 ### Added
 
 - feat: add rule to catch npx usage in JS/TS/YAML
 
+### Fixed
+
+- refactor: simplify Semgrep action by removing unnecessary file copy step
+- fix: update .semgrepignore to include .security-scanner directory
+
 ## [2.0.2]
 
 ## [2.0.1]
@@ -33,7 +39,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Migrated action from its separate repository to the monorepo
 
-[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...HEAD
+[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.6...HEAD
+[2.0.6]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...v2.0.6
 [2.0.5]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.2...v2.0.5
 [2.0.2]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.1...v2.0.2
 [2.0.1]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.0...v2.0.1

packages/semgrep-action/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@metamask/semgrep-action",
-  "version": "2.0.5",
+  "version": "2.0.6",
   "private": true,
   "description": "Semgrep-based security scanning action",
   "keywords": [