
Conversation

pelikhan
Contributor

Sanitization:

  • control characters
  • mentions
  • ansi
  • urls (allowed domains)
  • https only
  • html character escaping
  • length
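
One way to implement the sanitization steps listed in the description above, as an added example in JavaScript. This is not the project's own sanitize_output.cjs; the function names, the pass order, the default domain allowlist, the size cap and the sample input are all assumptions made for illustration:

```javascript
"use strict";

// Assumed defaults; the real module reads its allowlist from configuration.
const DEFAULT_ALLOWED_DOMAINS = ["github.com", "github.io", "githubusercontent.com"];
const DEFAULT_MAX_LENGTH = 524288; // assumed cap

// 1. ANSI escape sequences (CSI and OSC). This runs before the control-character
//    pass, which would otherwise strip only the ESC byte and leave "[31m" behind.
function stripAnsi(text) {
  return text.replace(/\x1B(?:\[[0-?]*[ -\/]*[@-~]|\][^\x07\x1B]*(?:\x07|\x1B\\))/g, "");
}

// 2. Control characters, keeping tab, LF and CR so the text stays readable.
function stripControlChars(text) {
  return text.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, "");
}

// Exact match or subdomain of an allowlisted domain; "evilgithub.com" must not pass.
function isAllowedHost(hostname, allowedDomains) {
  const host = hostname.toLowerCase();
  return allowedDomains.some((d) => host === d || host.endsWith("." + d));
}

// 3. URLs: only https:// to an allowlisted host survives, everything else becomes
//    "(redacted)". The scheme is matched together with "://" and then compared as a
//    whole, so "http" can never match the prefix of "https".
//    Schemes without "//" (javascript:, data:) are not covered by this regex.
function filterUrls(text, allowedDomains) {
  return text.replace(/\b[a-z][a-z0-9+.-]*:\/\/[^\s<>"'`)\]]+/gi, (url) => {
    let parsed;
    try {
      parsed = new URL(url);
    } catch {
      return "(redacted)";
    }
    if (parsed.protocol !== "https:") return "(redacted)";
    return isAllowedHost(parsed.hostname, allowedDomains) ? url : "(redacted)";
  });
}

// 4. @mentions are wrapped in backticks so GitHub renders them as code and does not
//    notify the user. Mentions already inside backticks are left alone.
function neutralizeMentions(text) {
  return text.replace(/(^|[^\w`])@([A-Za-z0-9][A-Za-z0-9-]{0,38})/g, "$1`@$2`");
}

// 5. Escape the characters that would let agent output inject markup.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (c) => map[c]);
}

// 6. Hard cap on size, with a visible marker when content was cut.
function truncate(text, maxLength) {
  if (text.length <= maxLength) return text;
  return text.slice(0, maxLength) + "\n[Content truncated due to length]";
}

function sanitizeContent(content, options = {}) {
  const { allowedDomains = DEFAULT_ALLOWED_DOMAINS, maxLength = DEFAULT_MAX_LENGTH } = options;
  if (typeof content !== "string") return "";
  let out = stripAnsi(content);
  out = stripControlChars(out);
  out = filterUrls(out, allowedDomains);
  out = neutralizeMentions(out);
  out = escapeHtml(out);
  return truncate(out, maxLength);
}

// Constructed sample input, not real agent output: colour codes, a mix of allowed,
// http-only and off-domain URLs, a mention, a BEL byte and an HTML payload.
const SAMPLE = [
  "\x1B[31mALERT\x1B[0m: see https://github.com/octo-org/octo-repo/pull/9 and http://github.com/x",
  "also https://evil.example/steal?c=1 and ftp://files.example/dump",
  "cc @octocat\x07 <script>alert(1)</script>",
].join("\n");

function demo() {
  return sanitizeContent(SAMPLE);
}

console.log(demo());
```

The pass order is deliberate: ANSI stripping must precede the control-character pass, URL filtering must run on the raw text before entity escaping rewrites `&` inside query strings, and truncation goes last so the cap applies to what is actually posted.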

Copilot AI and others added 2 commits August 22, 2025 14:36
…r agent output sanitization (#9)

* Initial plan

* Implement enhanced agent output sanitization with configurable domain allowlisting

- Extract JavaScript sanitization code to separate sanitize_output.cjs file
- Add XML character escaping (< > & " ') to prevent injection attacks
- Add URI protocol filtering to replace non-https protocols with "(redacted)"
- Add configurable allowed-domains option with default GitHub domains
- Update schema to support allowed-domains configuration
- Update tests to match new sanitization function signature
- Add comprehensive documentation for security features

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix HTTP protocol filtering to only allow HTTPS

- Changed regex pattern from `http` to `http://` to avoid matching `https://`
- Now correctly filters out `http://` URLs while preserving `https://` URLs
- Addresses feedback to only allow HTTPS protocols for security

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Enhanced sanitization with mention neutralization, bot trigger handling, and environment-based domain configuration

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix HTTP protocol filtering to only allow HTTPS URLs

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Refactor sanitize_output.cjs to use main function pattern like create_issue.cjs

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Remove unnecessary module.exports from sanitize_output.cjs

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Add comprehensive JavaScript tests for sanitize_output.cjs

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

* Fix formatting inconsistencies in OutputConfig struct and extractOutputConfig function

* Add extensive tests for sanitizeContent function in sanitize_output.test.cjs

* Refactor script formatting in workflow jobs to use dedicated functions for improved readability and maintainability

* Add tests for FormatJavaScriptForYAML and WriteJavaScriptToYAML functions to ensure proper formatting and indentation

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>
@pelikhan pelikhan merged commit 9b40fe9 into githubnext:main Aug 22, 2025
5 checks passed
@pelikhan pelikhan deleted the sanitize-output-js branch August 22, 2025 21:47