Add a link to the example Homoglyph attack PR

This commit is contained in:
Jonathan Leitschuh 2020-03-02 11:54:25 -05:00 committed by Paul Merlin
parent 78999a846d
commit b759e436a5

View file

@ -37,6 +37,7 @@ Additionally, the action will find and SHA-256 hash all
variants of files named `gradle-wrapper.jar`, variants of files named `gradle-wrapper.jar`,
for example a file named `gradlе-wrapper.jar` (which uses a Cyrillic `е` instead of `e`). for example a file named `gradlе-wrapper.jar` (which uses a Cyrillic `е` instead of `e`).
The goal is to prevent homoglyph attacks which may be very difficult to spot in a GitHub diff. The goal is to prevent homoglyph attacks which may be very difficult to spot in a GitHub diff.
We created an example [Homoglyph attack PR here](https://github.com/JLLeitschuh/playframework/pull/1/files).
## Usage ## Usage