-
Notifications
You must be signed in to change notification settings - Fork 313
34 lines (30 loc) · 1022 Bytes
/
regexploit.yml
File metadata and controls
34 lines (30 loc) · 1022 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#Github Workflow to find exploitable regular expressions
#uses regexploit: https://github.com/doyensec/regexploit
#
#SPDX-FileCopyrightText: 2021 Sebastian Wagner
#SPDX-License-Identifier: AGPL-3.0-or-later
name: "Regular expression check"
on:
push:
branches: [develop, maintenance, master]
paths-ignore:
- '.github/**'
pull_request:
branches: [develop, maintenance]
paths-ignore:
- '.github/**'
jobs:
regexploit:
name: Find regular expressions which are vulnerable to ReDoS
runs-on: ubuntu-latest
# This should not fail the whole workflow run
continue-on-error: true
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install regexploit
#run: pip install regexploit
# See https://github.com/doyensec/regexploit/pull/16
run: pip install git+https://github.com/sebix/regexploit.git@unsupported-ops-yaml
- name: Run regexploit
run: /home/runner/work/intelmq/intelmq/.github/workflows/scripts/regexploit.sh