-
Notifications
You must be signed in to change notification settings - Fork 296
32 lines (28 loc) · 873 Bytes
/
regexploit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#Github Workflow to find exploitable regular expressions
#uses regexploit: https://github.com/doyensec/regexploit
#
#SPDX-FileCopyrightText: 2021 Sebastian Wagner
#SPDX-License-Identifier: AGPL-3.0-or-later
name: "Regular expression check"
on:
push:
branches: [develop, maintenance, master]
paths-ignore:
- '.github/**'
pull_request:
branches: [develop, maintenance]
paths-ignore:
- '.github/**'
jobs:
regexploit:
name: Find regular expressions which are vulnerable to ReDoS
runs-on: ubuntu-20.04
# This should not fail the whole workflow run
continue-on-error: true
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install regexploit
run: pip install regexploit
- name: Run regexploit
run: /home/runner/work/intelmq/intelmq/.github/workflows/scripts/regexploit.sh