checkmarx-ts / checkmarx-github-action

Checkmarx Scan Github Action


password with quote got unescaped during the process hence fail...

GregoireW opened this issue · comments

Hello,

I got a password for Checkmarx as a secret in my CI. I wanted to use the same password to test this action. As my password contains a ", somewhere in the code of this action or in the CLI those are removed, making the call invalid.

I tried to escape this special char with a , by duplicating the " ... everything fails.

Even if I was able to escape correctly the special char, I would not use this action.

This action logs the CLI command that will be executed. The command contains " -CxUser **** -CxPassword yyyyyyy "
The yyyyyyy is not the same as the one in the GitHub secret (escaped chars are escaped), so the logs display the password in plain text.

Hi @GregoireW, can you please let me know an example of a dummy password that eventually fails with that special character?
Btw, are you passing the passwords using secrets to the GitHub action?
Thanks !

I got a password like abcdef"ghijk

And yes I use a github secret.

@GregoireW please check if that works using new version available at:
uses: checkmarx-ts/checkmarx-github-action@master

@miguelfreitas93 This is now fixed. Thank you