Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit7e150f2

Browse files
EdwardAngertclaude
andcommitted
fix: relax branch name validation in docs-analysis action
- Change from whitelist to blacklist validation approach- Allow more characters commonly used in branch names- Still maintain protection against command injection- Block only potentially dangerous characters🤖 Generated with [Claude Code](https://claude.ai/code)Co-Authored-By: Claude <noreply@anthropic.com>
1 parent7d62132 commit7e150f2

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

‎.github/actions/docs-analysis/action.yml‎

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -146,14 +146,14 @@ runs:
146146
echo "::warning::Documentation path '${{ inputs.docs-path }}' does not exist - some functions may not work correctly"
147147
fi
148148
149-
# Validate branch references withstrict whitelist approach for better security
150-
if [[!"${{ inputs.pr-ref }}" =~^[a-zA-Z0-9_\-\.\/]+$ ]]; then
151-
echo "::error::Invalid characters in pr-ref -only alphanumeric, underscore, hyphen, dot, and forward slash are allowed"
149+
# Validate branch references withsecurity checks but allow more chars used in branch names
150+
if [[ "${{ inputs.pr-ref }}" =~[;&|'"'"`] ]]; then
151+
echo "::error::Invalid characters in pr-ref -branch name contains potentially unsafe characters"
152152
exit 1
153153
fi
154154
155-
if [[!"${{ inputs.base-ref }}" =~^[a-zA-Z0-9_\-\.\/]+$ ]]; then
156-
echo "::error::Invalid characters in base-ref -only alphanumeric, underscore, hyphen, dot, and forward slash are allowed"
155+
if [[ "${{ inputs.base-ref }}" =~[;&|'"'"`] ]]; then
156+
echo "::error::Invalid characters in base-ref -branch name contains potentially unsafe characters"
157157
exit 1
158158
fi
159159

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp