diff --git a/probes/hasNoGitHubWorkflowPermissionUnknown/def.yml b/probes/hasNoGitHubWorkflowPermissionUnknown/def.yml index 2f86a74853d..5f2b8593942 100644 --- a/probes/hasNoGitHubWorkflowPermissionUnknown/def.yml +++ b/probes/hasNoGitHubWorkflowPermissionUnknown/def.yml @@ -24,12 +24,12 @@ outcome: remediation: effort: Low text: - - Visit https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.defaultBranch }}?enable=permissions + - Visit https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.repository.defaultBranch }}?enable=permissions - Tick the 'Restrict permissions for GITHUB_TOKEN' - Untick other options - "NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead." markdown: - - Visit [https://app.stepsecurity.io/secureworkflow](https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.defaultBranch }}?enable=permissions). + - Visit [https://app.stepsecurity.io/secureworkflow](https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.repository.defaultBranch }}?enable=permissions). - Tick the 'Restrict permissions for GITHUB_TOKEN' - Untick other options - "NOTE: If you want to resolve multiple issues at once, you can visit [https://app.stepsecurity.io/securerepo](https://app.stepsecurity.io/securerepo) instead." diff --git a/probes/jobLevelPermissions/def.yml b/probes/jobLevelPermissions/def.yml index ad0605757ff..706c183ccf0 100644 --- a/probes/jobLevelPermissions/def.yml +++ b/probes/jobLevelPermissions/def.yml @@ -24,12 +24,12 @@ outcome: remediation: effort: Low text: - - Visit https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.defaultBranch }}?enable=permissions + - Visit https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.repository.defaultBranch }}?enable=permissions - Tick the 'Restrict permissions for GITHUB_TOKEN' - Untick other options - "NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead." markdown: - - Visit [https://app.stepsecurity.io/secureworkflow](https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.defaultBranch }}?enable=permissions). + - Visit [https://app.stepsecurity.io/secureworkflow](https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.repository.defaultBranch }}?enable=permissions). - Tick the 'Restrict permissions for GITHUB_TOKEN' - Untick other options - "NOTE: If you want to resolve multiple issues at once, you can visit [https://app.stepsecurity.io/securerepo](https://app.stepsecurity.io/securerepo) instead." diff --git a/probes/topLevelPermissions/def.yml b/probes/topLevelPermissions/def.yml index 3e4f7a00d48..44c122f8d73 100644 --- a/probes/topLevelPermissions/def.yml +++ b/probes/topLevelPermissions/def.yml @@ -24,12 +24,12 @@ outcome: remediation: effort: Low text: - - Visit https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.defaultBranch }}?enable=permissions + - Visit https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.repository.defaultBranch }}?enable=permissions - Tick the 'Restrict permissions for GITHUB_TOKEN' - Untick other options - "NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead." markdown: - - Visit [https://app.stepsecurity.io/secureworkflow](https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.defaultBranch }}?enable=permissions). + - Visit [https://app.stepsecurity.io/secureworkflow](https://app.stepsecurity.io/secureworkflow/${{ metadata.repository.uri }}/${{ metadata.workflow }}/${{ metadata.repository.defaultBranch }}?enable=permissions). - Tick the 'Restrict permissions for GITHUB_TOKEN' - Untick other options - "NOTE: If you want to resolve multiple issues at once, you can visit [https://app.stepsecurity.io/securerepo](https://app.stepsecurity.io/securerepo) instead."