[AUTO-CHERRYPICK] [2.0] tar: Fix CVE-2022-48303 and CVE-2023-39804 - … #32975
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) Microsoft Corporation. | |
# Licensed under the MIT License. | |
# This action checks that the licenses.json file is up-to-date | |
# and that the LICENSES-MAP.md file is up-to-date | |
name: Spec License Map Check | |
on: | |
push: | |
branches: [main, dev, 1.0*, 2.0*, fasttrack/*] | |
pull_request: | |
branches: [main, dev, 1.0*, 2.0*, fasttrack/*] | |
permissions: read-all | |
jobs: | |
check: | |
name: Spec License Map Check | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the branch of our repo that triggered this action | |
- name: Workflow trigger checkout | |
uses: actions/checkout@v4 | |
- name: Setup Python 3.9 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: 3.9 | |
- name: Get Python dependencies | |
run: python3 -m pip install python-rpm-spec | |
- name: Run license map checking script | |
run: | | |
python3 ./toolkit/scripts/license_map.py \ | |
./SPECS/LICENSES-AND-NOTICES/data/licenses.json \ | |
./SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md \ | |
./SPECS \ | |
./SPECS-EXTENDED \ | |
./SPECS-SIGNED |