Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: Giskard-AI/giskard-oss
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.18.1
Choose a base ref
...
head repository: Giskard-AI/giskard-oss
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
  • 2 commits
  • 2 files changed
  • 2 contributors

Commits on Oct 23, 2025

  1. fix(security): prevent command injection in GitHub Actions workflows 

    - Use environment variables instead of direct interpolation for user inputs
- Add proper quoting for environment variables in shell commands
- Fix create-release.yml: use INPUT_VERSION env var for inputs.version
- Fix retry-workflow.yml: use RUN_ID env var for inputs.run_id

Resolves high-severity security vulnerability in workflow variable interpolation
    @kevinmessiaen
    kevinmessiaen committed Oct 23, 2025
    Configuration menu
    Copy the full SHA
    aba8dd0 View commit details
    Browse the repository at this point in the history

Commits on Nov 18, 2025

  1. Merge pull request #2214 from Giskard-AI/feature/eng-1081-use-good-pr… 

    …actices-for-ci-workflow-var-interpolation

fix(security): prevent command injection in GitHub Actions workflows [ENG-1131]
    @mattbit
    mattbit authored Nov 18, 2025
    Configuration menu
    Copy the full SHA
    c92584e View commit details
    Browse the repository at this point in the history
Loading