Commit 1a8358d

elvin03 and Copilot authored
Update .github/workflows/codeql.yml
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
1 parent cd519b3 commit 1a8358d

1 file changed

Lines changed: 9 additions & 14 deletions

.github/workflows/codeql.yml

@@ -166,28 +166,23 @@ jobs:
166166
const serverUrl = process.env.SERVER_URL || 'https://github.com';
167167
const language = process.env.MATRIX_LANGUAGE || 'unknown';
168168
169-
// Sanitize inputs to prevent injection
170-
const sanitize = (str) => String(str).replace(/[<>&"']/g, (char) => {
171-
const map = { '<': '&lt;', '>': '&gt;', '&': '&amp;', '"': '&quot;', "'": '&#x27;' };
172-
return map[char];
173-
});
174169
175-
const title = `🚨 Security Issues Detected - ${sanitize(commitMessage)}`;
170+
const title = `🚨 Security Issues Detected - ${commitMessage}`;
176171
const body = `## Security Alert
177172
178-
CodeQL analysis has detected **${sanitize(findingsCount)}** security issue(s) in the codebase.
173+
CodeQL analysis has detected **${findingsCount}** security issue(s) in the codebase.
179174
180175
### Details:
181-
- **Repository**: ${sanitize(repository)}
182-
- **Branch**: ${sanitize(branchName)}
183-
- **Commit**: ${sanitize(commitSha)}
184-
- **Workflow Run**: [${sanitize(runNumber)}](${sanitize(serverUrl)}/${sanitize(repository)}/actions/runs/${sanitize(runId)})
185-
- **Language**: ${sanitize(language)}
176+
- **Repository**: ${repository}
177+
- **Branch**: ${branchName}
178+
- **Commit**: ${commitSha}
179+
- **Workflow Run**: [${runNumber}](${serverUrl}/${repository}/actions/runs/${runId})
180+
- **Language**: ${language}
186181
187182
### Action Required:
188183
Please review the security findings immediately:
189-
- [View Security Tab](${sanitize(serverUrl)}/${sanitize(repository)}/security/code-scanning)
190-
- [View Workflow Run](${sanitize(serverUrl)}/${sanitize(repository)}/actions/runs/${sanitize(runId)})
184+
- [View Security Tab](${serverUrl}/${repository}/security/code-scanning)
185+
- [View Workflow Run](${serverUrl}/${repository}/actions/runs/${runId})
191186
192187
### Assignees:
193188
@elvin03 please review and address these security issues.
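
Review bot: commitMessage now reaches the issue title (new line 170) and branchName the Markdown body (new line 177) with no neutralisation at all, and going by their names both are chosen by whoever pushes the commit. The removed helper only HTML-escaped, which is the wrong encoding for a plain-text title and a Markdown body, so dropping it is understandable if entities such as `&amp;` were showing up literally, but it should be replaced with context-appropriate handling rather than nothing. For the title, use only the first line of commitMessage and cap its length; in the body, render branchName and any other free-text field as inline code or with Markdown metacharacters escaped, so a crafted value cannot add links, @mentions or headings to the alert. findingsCount, runNumber and runId can be checked as numeric, and serverUrl checked to be an https URL, before they are placed in link targets such as `[View Workflow Run](${serverUrl}/${repository}/actions/runs/${runId})`. The commit message gives no reason for removing the block commented "Sanitize inputs to prevent injection"; a line of rationale would help the next reader.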