Skip to content

Dependency Bug: semver vulnerable to Regular Expression Denial of Service #1907

Dependency Bug: semver vulnerable to Regular Expression Denial of Service

Dependency Bug: semver vulnerable to Regular Expression Denial of Service #1907

Workflow file for this run

name: Sync issue to Azure DevOps work item
on:
issues:
types:
[opened, edited, deleted, closed, reopened, labeled, unlabeled, assigned]
concurrency:
group: issue-${{ github.event.issue.number }}
cancel-in-progress: false
# Extra permissions needed to login with Entra ID service principal via federated identity
permissions:
id-token: write
issues: write
jobs:
ado:
runs-on: ubuntu-latest
environment:
name: issues
steps:
# Auth using Azure Service Principals was added as a part of v2.3
# reference: https://github.com/danhellem/github-actions-issue-to-work-item/pull/143
- name: Login to Azure
uses: azure/login@v2
with:
client-id: ${{ vars.AZURE_SP_DEVOPS_SYNC_CLIENT_ID }}
tenant-id: ${{ vars.AZURE_SP_DEVOPS_SYNC_TENANT_ID }}
allow-no-subscriptions: true
- name: Get Azure DevOps token
id: get_ado_token
run:
# The resource ID for Azure DevOps is always 499b84ac-1321-427f-aa17-267ca6975798
# https://learn.microsoft.com/azure/devops/integrate/get-started/authentication/service-principal-managed-identity
echo "ADO_TOKEN=$(az account get-access-token --resource 499b84ac-1321-427f-aa17-267ca6975798 --query "accessToken" --output tsv)" >> $GITHUB_ENV
- name: Sync issue to Azure DevOps
uses: danhellem/[email protected]
env:
ado_token: ${{ env.ADO_TOKEN }}
github_token: '${{ secrets.GH_RAD_CI_BOT_PAT }}'
ado_organization: 'azure-octo'
ado_project: 'Incubations'
ado_area_path: "Incubations\\Radius"
ado_iteration_path: "Incubations\\Radius"
ado_new_state: 'New'
ado_active_state: 'Active'
ado_close_state: 'Closed'
ado_wit: 'GitHub Issue'