SQSCANGHA-101 Add more command injection tests

2025-08-28 10:49:39 +02:00
parent 5fc8cfce6b
commit 016cabf33a
4 changed files with 114 additions and 13 deletions
--- a/action.yml
+++ b/action.yml
@@ -51,11 +51,9 @@ runs:
      run: echo "${RUNNER_TEMP}/sonar-scanner-cli-${{ inputs.scannerVersion }}-${{ runner.os }}-${{ runner.arch }}/bin" >> $GITHUB_PATH
      shell: bash
    - name: Run SonarScanner
-      run: |
-        args=(${{ inputs.args }})
-        cmd=(${GITHUB_ACTION_PATH}/scripts/run-sonar-scanner-cli.sh "${args[@]}")
-        "${cmd[@]}"
+      run: ${GITHUB_ACTION_PATH}/scripts/run-sonar-scanner.sh
      shell: bash
      env:
+        INPUT_ARGS: ${{ inputs.args }}
        INPUT_PROJECTBASEDIR: ${{ inputs.projectBaseDir }}
        SONAR_SCANNER_JRE: ${{ runner.temp }}/sonar-scanner-cli-${{ inputs.scannerVersion }}-${{ runner.os }}-${{ runner.arch }}/jre