familienarchiv/.gitea/workflows/ci.yml at 98f8c0129a6cfb474d4968359d12c44c250c000c

marcel/familienarchiv

Fork 0

Files

Marcel 4bc96c3772

CI / Unit & Component Tests (pull_request) Failing after 3m12s

Details

CI / OCR Service Tests (pull_request) Successful in 22s

Details

CI / Backend Unit Tests (pull_request) Successful in 3m45s

Details

CI / fail2ban Regex (pull_request) Successful in 42s

Details

CI / Semgrep Security Scan (pull_request) Successful in 20s

Details

CI / Compose Bucket Idempotency (pull_request) Successful in 1m2s

Details

ci(dates): widen {@html} raw-date guard to cover the raw prop

DocumentDate.svelte passes the untrusted raw value via a prop named `raw`,
but the guard only matched metaDateRaw/documentDateRaw/rawDate — so a future
{@html raw} would slip past. Add `\braw\b` to the token list and a self-test
asserting the guard catches {@html raw}. Code is currently safe ({raw}); this
closes the defense-in-depth gap in the guard itself.

Refs #666
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-27 12:37:42 +02:00

18 KiB

Raw Blame History

View Raw

18 KiB Raw Blame History

18 KiB

Raw Blame History