| Audit ID | Type | Examples |
|---|---|---|
hardcoded-container-credentials |
Workflow | hardcoded-credentials.yml |
GitHub Actions allows Docker credentials (usernames and passwords) to be hardcoded in various places within workflows.
Hardcoding credentials is bad.
| Audit ID | Type | Examples |
|---|---|---|
hardcoded-container-credentials |
Workflow | hardcoded-credentials.yml |
GitHub Actions allows Docker credentials (usernames and passwords) to be hardcoded in various places within workflows.
Hardcoding credentials is bad.