0.6.26

Major Analysis Improvements

  • Fixed alert messages in actions/artifact-poisoning/critical and actions/artifact-poisoning/medium, which previously included a redundant placeholder that would on occasion contain a long block of YAML, making the alert difficult to understand. Also improved the wording to make it clearer that the artifact is not being poisoned; rather, a potentially untrusted artifact is being consumed. Finally, changed the alert location to be the source, which is more useful and aligns with other queries that report an artifact (e.g. zipslip).

Minor Analysis Improvements

  • The query actions/missing-workflow-permissions no longer produces false positive results on reusable workflows where all callers set permissions.