Skip to content

Security fix for profiling workflow#455

Merged
leonardocarreras merged 1 commit into
sogno-platform:masterfrom
leonardocarreras:fix-security-risk-profiling
Dec 9, 2025
Merged

Security fix for profiling workflow#455
leonardocarreras merged 1 commit into
sogno-platform:masterfrom
leonardocarreras:fix-security-risk-profiling

Conversation

@leonardocarreras
Copy link
Copy Markdown
Contributor

@leonardocarreras leonardocarreras commented Dec 8, 2025

Avoids passing commands as inputs in script

@leonardocarreras leonardocarreras self-assigned this Dec 8, 2025
@leonardocarreras leonardocarreras added this to the Release 1.2.0 milestone Dec 8, 2025
@leonardocarreras leonardocarreras marked this pull request as ready for review December 8, 2025 18:19
@codecov
Copy link
Copy Markdown

codecov Bot commented Dec 8, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.18%. Comparing base (89667ab) to head (c3b0407).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #455      +/-   ##
==========================================
- Coverage   65.22%   65.18%   -0.04%     
==========================================
  Files         374      374              
  Lines       22723    22723              
  Branches    11240    11239       -1     
==========================================
- Hits        14820    14812       -8     
+ Misses       7902     7836      -66     
- Partials        1       75      +74

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@leonardocarreras leonardocarreras moved this to Ready for Review in DPsim Dec 8, 2025
@stv0g
Copy link
Copy Markdown
Contributor

stv0g commented Dec 8, 2025

I dont see any changes in the diff, apart from whitespace changes?

@leonardocarreras
Copy link
Copy Markdown
Contributor Author

leonardocarreras commented Dec 8, 2025

The code is expanded as environment variables, then run
image
This is according to https://github.com/sogno-platform/dpsim/security/code-scanning/21
image

@leonardocarreras
Security fix for profiling workflow
c3b0407 
Signed-off-by: Leonardo Carreras <leonardo.carreras@eonerc.rwth-aachen.de>
@leonardocarreras leonardocarreras force-pushed the fix-security-risk-profiling branch from 06f79ff to c3b0407 Compare December 9, 2025 16:11
@leonardocarreras leonardocarreras merged commit c42c5c2 into sogno-platform:master Dec 9, 2025
27 of 28 checks passed
@github-project-automation github-project-automation Bot moved this from Ready for Review to Done in DPsim Dec 9, 2025
@leonardocarreras leonardocarreras deleted the fix-security-risk-profiling branch December 10, 2025 10:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pipeacosta pipeacosta pipeacosta approved these changes

@m-mirz m-mirz Awaiting requested review from m-mirz m-mirz is a code owner

@stv0g stv0g Awaiting requested review from stv0g stv0g is a code owner

@iripiri iripiri Awaiting requested review from iripiri

@Haifischbecken Haifischbecken Awaiting requested review from Haifischbecken

Assignees

@leonardocarreras leonardocarreras

Labels

ci

Projects

DPsim
Status: Done

Milestone

Release 1.2.0

Development

Successfully merging this pull request may close these issues.

3 participants

@leonardocarreras @stv0g @pipeacosta