security fixes
This commit is contained in:
Pavlenex
parent
151275d547
commit
78712f5840
18
.github/workflows/deploy.yml
vendored
18
.github/workflows/deploy.yml
vendored
@ -5,11 +5,6 @@ on:
|
||||
branches: [main]
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
concurrency:
|
||||
group: pages
|
||||
cancel-in-progress: true
|
||||
@ -17,24 +12,29 @@ concurrency:
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
|
||||
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
|
||||
with:
|
||||
node-version: 20
|
||||
cache: npm
|
||||
- run: npm ci
|
||||
- run: npm run build
|
||||
- uses: actions/upload-pages-artifact@v3
|
||||
- uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
|
||||
with:
|
||||
path: dist
|
||||
|
||||
deploy:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
environment:
|
||||
name: github-pages
|
||||
url: ${{ steps.deployment.outputs.page_url }}
|
||||
steps:
|
||||
- uses: actions/deploy-pages@v4
|
||||
- uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
|
||||
id: deployment
|
||||
|
||||
22
.github/workflows/fetch-issues.yml
vendored
22
.github/workflows/fetch-issues.yml
vendored
@ -10,20 +10,17 @@ concurrency:
|
||||
group: fetch-issues
|
||||
cancel-in-progress: false
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
jobs:
|
||||
fetch:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write
|
||||
outputs:
|
||||
changed: ${{ steps.fetch.outputs.changed }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
|
||||
|
||||
- uses: actions/setup-node@v4
|
||||
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
|
||||
with:
|
||||
node-version: 20
|
||||
cache: npm
|
||||
@ -63,11 +60,11 @@ jobs:
|
||||
if: needs.fetch.outputs.changed == 'true'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
|
||||
with:
|
||||
ref: main # ensure we get the just-pushed commit
|
||||
|
||||
- uses: actions/setup-node@v4
|
||||
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
|
||||
with:
|
||||
node-version: 20
|
||||
cache: npm
|
||||
@ -75,13 +72,16 @@ jobs:
|
||||
- run: npm ci
|
||||
- run: npm run build
|
||||
|
||||
- uses: actions/upload-pages-artifact@v3
|
||||
- uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1
|
||||
with:
|
||||
path: dist
|
||||
|
||||
deploy:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
concurrency:
|
||||
group: pages
|
||||
cancel-in-progress: true
|
||||
@ -89,5 +89,5 @@ jobs:
|
||||
name: github-pages
|
||||
url: ${{ steps.deployment.outputs.page_url }}
|
||||
steps:
|
||||
- uses: actions/deploy-pages@v4
|
||||
- uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
|
||||
id: deployment
|
||||
|
||||
@ -11,7 +11,6 @@
|
||||
"lint": "eslint ."
|
||||
},
|
||||
"dependencies": {
|
||||
"@octokit/rest": "^22.0.1",
|
||||
"@radix-ui/react-dialog": "^1.1.15",
|
||||
"@radix-ui/react-slot": "^1.2.4",
|
||||
"@radix-ui/react-tooltip": "^1.2.8",
|
||||
@ -24,6 +23,7 @@
|
||||
"tailwind-merge": "^3.5.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@octokit/rest": "^22.0.1",
|
||||
"@eslint/js": "^9.39.1",
|
||||
"@tailwindcss/typography": "^0.5.19",
|
||||
"@tailwindcss/vite": "^4.2.1",
|
||||
|
||||
@ -143,7 +143,7 @@ async function main() {
|
||||
updatedAt: raw.updated_at ?? raw.created_at,
|
||||
commentsCount: raw.comments,
|
||||
reactionCount: raw.reactions?.total_count ?? 0,
|
||||
labels: raw.labels
|
||||
labels: (raw.labels ?? [])
|
||||
.filter((l) => typeof l === 'object')
|
||||
.map((l) => ({ name: l.name ?? '', color: l.color ?? '888888' })),
|
||||
repo: {
|
||||
|
||||
@ -46,6 +46,7 @@ export default function IssueModal({ issue, onClose, slideFrom }: IssueModalProp
|
||||
)}
|
||||
|
||||
<div className="flex items-center gap-3 text-xs text-muted-foreground mt-1">
|
||||
{issue.author.avatarUrl && (
|
||||
<img
|
||||
src={issue.author.avatarUrl}
|
||||
alt={issue.author.login}
|
||||
@ -53,14 +54,18 @@ export default function IssueModal({ issue, onClose, slideFrom }: IssueModalProp
|
||||
referrerPolicy="no-referrer"
|
||||
loading="lazy"
|
||||
/>
|
||||
)}
|
||||
{issue.author.url ? (
|
||||
<a
|
||||
href={issue.author.url}
|
||||
target="_blank"
|
||||
rel="noopener noreferrer"
|
||||
className="font-medium hover:text-primary transition-colors"
|
||||
>
|
||||
{issue.author.login}
|
||||
</a>
|
||||
) : (
|
||||
<span className="font-medium">{issue.author.login}</span>
|
||||
)}
|
||||
<span className="flex items-center gap-1">
|
||||
<Clock size={11} aria-hidden="true" /> {timeAgo(issue.createdAt)}
|
||||
</span>
|
||||
@ -76,6 +81,12 @@ export default function IssueModal({ issue, onClose, slideFrom }: IssueModalProp
|
||||
skipHtml
|
||||
allowedElements={['p', 'h1', 'h2', 'h3', 'ul', 'ol', 'li', 'code', 'pre', 'blockquote', 'a', 'strong', 'em', 'br']}
|
||||
unwrapDisallowed
|
||||
components={{
|
||||
a: ({ href, children }) => {
|
||||
const safe = href && /^https?:\/\//i.test(href) ? href : '#'
|
||||
return <a href={safe} target="_blank" rel="noopener noreferrer">{children}</a>
|
||||
},
|
||||
}}
|
||||
>
|
||||
{issue.body || '_No description provided._'}
|
||||
</ReactMarkdown>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user