password with quote got unescaped during the process hence fail...
GregoireW opened this issue · comments
Hello,
I got a password for checkmarx as secret in my CI. I wanted to use the same password to test this action. As my password contain a " somewhere in the code of this action or in the cli those are removed making the call invalid.
I tried to escape this special char with a , by duplicating the " ... everything fail.
Even if I was able to escape correctly the special char, I would not use this action.
This action logs the cli command that will be executed. The command contains " -CxUser **** -CxPassword yyyyyyy "
The yyyyyyy is not the same as the one in the github secret ( escaped char are escaped ) so the logs display the password in plain text.
Hi @GregoireW can you please let me know an example of a dummy password that eventually fails with that special character ?
Btw, are you passing the passwords using secrets to github action ?
Thanks !
I got a password like abcdef"ghijk
And yes I use a github secret.
@GregoireW please check if that works using new version available at:
uses: checkmarx-ts/checkmarx-github-action@master
@miguelfreitas93 This is now fixed. Thank you