alteropen/streamyfin
1
0
Fork 0
mirror of https://github.com/streamyfin/streamyfin.git synced 2026-06-02 20:18:29 +01:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
5f59dce0c7ca84ad62fbfc1c941564a0ff44b02f
streamyfin/scripts
History
Gauvino 5f59dce0c7 fix(pr-validation): run under pull_request_target + drop DoS-prone comment loop 
Security audit fixes:
- The jobs gated on github.event_name == 'pull_request' but the trigger is
  pull_request_target, so they never ran (validation was silently disabled).
  Gate on 'pull_request_target'.
- Replace the loop-until-stable HTML-comment strip with a single linear pass
  (+ trailing-unterminated strip): still leaves no <!-- (CodeQL-clean) but
  removes the quadratic re-scan a crafted nested-comment body could abuse.
2026-06-01 20:14:24 +02:00
..
ios
fix(ios): drop SwiftUICore autolink on pods so the app links via SwiftUI re-export
2026-05-29 18:17:02 +02:00
automerge.sh
chore
2025-01-06 10:14:17 +01:00
check-pr-template.mjs
fix(pr-validation): run under pull_request_target + drop DoS-prone comment loop
2026-06-01 20:14:24 +02:00
symlink-native-dirs.js
fix: bump biome and fix error (#864)
2025-07-21 09:44:24 +02:00
typecheck.js
refactor: replace inline typecheck with dedicated script (#1075)
2025-09-21 20:31:56 +02:00