From d33ce423d8874a3f28a663b0fcad8dd3c9af02d1 Mon Sep 17 00:00:00 2001 From: Marco Gario Date: Tue, 1 Apr 2025 13:58:37 +0200 Subject: [PATCH] Update UntrustedCheckoutCritical.ql --- actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql b/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql index 9676e942f7ce..ad79a1ce776f 100644 --- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql +++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql @@ -1,5 +1,5 @@ /** - * @name Checkout of untrusted code in a priviledged context + * @name Checkout of untrusted code in a privileged context * @description Privileged workflows have read/write access to the base repository and access to secrets. * By explicitly checking out and running the build script from a fork the untrusted code is running in an environment * that is able to push to the base repository and to access secrets.