Skip to content

Potential fix for code scanning alert no. 11: Incomplete string escaping or encoding#1627

Merged
arturcic merged 114 commits intovnextfrom
alert-autofix-11
Jun 18, 2025
Merged

Potential fix for code scanning alert no. 11: Incomplete string escaping or encoding#1627
arturcic merged 114 commits intovnextfrom
alert-autofix-11

Conversation

@arturcic
Copy link
Member

@arturcic arturcic commented May 29, 2025

Potential fix for https://github.com/GitTools/actions/security/code-scanning/11

To fix the issue, the escapeArgument method should be updated to escape backslashes (\) in addition to double quotes when running on Windows. This can be achieved by modifying the replace call to handle both backslashes and double quotes. Specifically, backslashes should be escaped first to avoid interference with escaping double quotes.

The fix involves:

  1. Updating the value.replace call on line 92 to escape backslashes (\) before escaping double quotes (").
  2. Using a regular expression with the global flag (g) to ensure all occurrences are replaced.

No new dependencies are required for this fix.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

dependabot bot and others added 30 commits April 30, 2025 18:06
@dependabot
(npm): Bump vite from 6.3.3 to 6.3.4 in the npm_and_yarn group
85872a8 
Bumps the npm_and_yarn group with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `vite` from 6.3.3 to 6.3.4
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.4/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 6.3.4
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1592 from GitTools/dependabot/npm_and_yarn/npm_an…
aab6af0 
…d_yarn-de653eece3

(npm): Bump vite from 6.3.3 to 6.3.4 in the npm_and_yarn group
@dependabot
(npm): Bump @vitest/eslint-plugin in the eslint group
dc97042 
Bumps the eslint group with 1 update: [@vitest/eslint-plugin](https://github.com/vitest-dev/eslint-plugin-vitest).


Updates `@vitest/eslint-plugin` from 1.1.43 to 1.1.44
- [Release notes](https://github.com/vitest-dev/eslint-plugin-vitest/releases)
- [Commits](vitest-dev/eslint-plugin-vitest@v1.1.43...v1.1.44)

---
updated-dependencies:
- dependency-name: "@vitest/eslint-plugin"
  dependency-version: 1.1.44
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1593 from GitTools/dependabot/npm_and_yarn/eslint…
35c93ac 
…-352a26273c

(npm): Bump @vitest/eslint-plugin from 1.1.43 to 1.1.44 in the eslint group
@dependabot
(npm): Bump the eslint group with 3 updates
e047228 
Bumps the eslint group with 3 updates: [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js), [eslint](https://github.com/eslint/eslint) and [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier).


Updates `@eslint/js` from 9.25.1 to 9.26.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.26.0/packages/js)

Updates `eslint` from 9.25.1 to 9.26.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.25.1...v9.26.0)

Updates `eslint-plugin-prettier` from 5.2.6 to 5.3.1
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v5.2.6...v5.3.1)

---
updated-dependencies:
- dependency-name: "@eslint/js"
  dependency-version: 9.26.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: eslint
  dependency-version: 9.26.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: eslint-plugin-prettier
  dependency-version: 5.3.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1594 from GitTools/dependabot/npm_and_yarn/eslint…
481b02a 
…-7461966321

(npm): Bump the eslint group with 3 updates
@dependabot
(npm): Bump npm-run-all2 from 7.0.2 to 8.0.1
87bd4b7 
Bumps [npm-run-all2](https://github.com/bcomnes/npm-run-all2) from 7.0.2 to 8.0.1.
- [Release notes](https://github.com/bcomnes/npm-run-all2/releases)
- [Changelog](https://github.com/bcomnes/npm-run-all2/blob/master/CHANGELOG.md)
- [Commits](bcomnes/npm-run-all2@v7.0.2...v8.0.1)

---
updated-dependencies:
- dependency-name: npm-run-all2
  dependency-version: 8.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1595 from GitTools/dependabot/npm_and_yarn/npm-ru…
e66ade9 
…n-all2-8.0.1

(npm): Bump npm-run-all2 from 7.0.2 to 8.0.1
@dependabot
(npm): Bump @types/node from 22.15.3 to 22.15.11 in the types group
65b4ce7 
Bumps the types group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 22.15.3 to 22.15.11
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.15.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1598 from GitTools/dependabot/npm_and_yarn/types-…
7c02bad 
…ffe8e45d1d

(npm): Bump @types/node from 22.15.3 to 22.15.11 in the types group
@dependabot
(npm): Bump the vite group with 3 updates
507b9d2 
Bumps the vite group with 3 updates: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [vite-node](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vite-node) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `vite` from 6.3.4 to 6.3.5
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.5/packages/vite)

Updates `vite-node` from 3.1.2 to 3.1.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.1.3/packages/vite-node)

Updates `vitest` from 3.1.2 to 3.1.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.1.3/packages/vitest)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 6.3.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
- dependency-name: vite-node
  dependency-version: 3.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
- dependency-name: vitest
  dependency-version: 3.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1596 from GitTools/dependabot/npm_and_yarn/vite-f…
2cf3af0 
…a383f4463

(npm): Bump the vite group with 3 updates
@dependabot
(npm): Bump the eslint group with 2 updates
2213c4f 
Bumps the eslint group with 2 updates: [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint).


Updates `eslint-plugin-prettier` from 5.3.1 to 5.4.0
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v5.3.1...v5.4.0)

Updates `typescript-eslint` from 8.31.1 to 8.32.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.32.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: eslint-plugin-prettier
  dependency-version: 5.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: typescript-eslint
  dependency-version: 8.32.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1597 from GitTools/dependabot/npm_and_yarn/eslint…
406906c 
…-62904752a1

(npm): Bump the eslint group with 2 updates
@dependabot
(npm): Bump lint-staged from 15.5.1 to 15.5.2
772ae7b 
Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 15.5.1 to 15.5.2.
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v15.5.1...v15.5.2)

---
updated-dependencies:
- dependency-name: lint-staged
  dependency-version: 15.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1600 from GitTools/dependabot/npm_and_yarn/lint-s…
cfa50a8 
…taged-15.5.2

(npm): Bump lint-staged from 15.5.1 to 15.5.2
@dependabot
(npm): Bump @types/node from 22.15.11 to 22.15.14 in the types group
52aa3ed 
Bumps the types group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 22.15.11 to 22.15.14
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.15.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1599 from GitTools/dependabot/npm_and_yarn/types-…
37197bd 
…cf84af28fb

(npm): Bump @types/node from 22.15.11 to 22.15.14 in the types group
@dependabot
(npm): Bump eslint-config-prettier in the eslint group
063b780 
Bumps the eslint group with 1 update: [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier).


Updates `eslint-config-prettier` from 10.1.2 to 10.1.3
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-config-prettier@v10.1.2...v10.1.3)

---
updated-dependencies:
- dependency-name: eslint-config-prettier
  dependency-version: 10.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1601 from GitTools/dependabot/npm_and_yarn/eslint…
27dd09e 
…-c9619ea8fd

(npm): Bump eslint-config-prettier from 10.1.2 to 10.1.3 in the eslint group
@dependabot
(npm): Bump globals from 16.0.0 to 16.1.0
6d68582 
Bumps [globals](https://github.com/sindresorhus/globals) from 16.0.0 to 16.1.0.
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v16.0.0...v16.1.0)

---
updated-dependencies:
- dependency-name: globals
  dependency-version: 16.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1603 from GitTools/dependabot/npm_and_yarn/global…
5c28325 
…s-16.1.0

(npm): Bump globals from 16.0.0 to 16.1.0
@dependabot
(npm): Bump @types/node from 22.15.14 to 22.15.16 in the types group
9e48318 
Bumps the types group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 22.15.14 to 22.15.16
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.15.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1602 from GitTools/dependabot/npm_and_yarn/types-…
ad9a746 
…14e47470f5

(npm): Bump @types/node from 22.15.14 to 22.15.16 in the types group
@dependabot
(npm): Bump @types/node from 22.15.16 to 22.15.17 in the types group
d960327 
Bumps the types group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 22.15.16 to 22.15.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.15.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1605 from GitTools/dependabot/npm_and_yarn/types-…
f624cc8 
…f9d0c73cc8

(npm): Bump @types/node from 22.15.16 to 22.15.17 in the types group
@dependabot
(npm): Bump eslint-config-prettier in the eslint group
c0c735b 
Bumps the eslint group with 1 update: [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier).


Updates `eslint-config-prettier` from 10.1.3 to 10.1.5
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-config-prettier@v10.1.3...v10.1.5)

---
updated-dependencies:
- dependency-name: eslint-config-prettier
  dependency-version: 10.1.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1604 from GitTools/dependabot/npm_and_yarn/eslint…
3ca7731 
…-9a630e1a01

(npm): Bump eslint-config-prettier from 10.1.3 to 10.1.5 in the eslint group
@dependabot
(npm): Bump lint-staged from 15.5.2 to 16.0.0
05a8b24 
Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 15.5.2 to 16.0.0.
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v15.5.2...v16.0.0)

---
updated-dependencies:
- dependency-name: lint-staged
  dependency-version: 16.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1606 from GitTools/dependabot/npm_and_yarn/lint-s…
743bd89 
…taged-16.0.0

(npm): Bump lint-staged from 15.5.2 to 16.0.0
mergify bot and others added 10 commits June 14, 2025 12:45
@mergify
Merge pull request #1646 from GitTools/dependabot/npm_and_yarn/eslint…
321f374 
…-6b36f9e9f3

(npm): Bump the eslint group with 3 updates
@dependabot
(npm): Bump lint-staged from 16.1.0 to 16.1.1
d9f0b6b 
Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 16.1.0 to 16.1.1.
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.1.0...v16.1.1)

---
updated-dependencies:
- dependency-name: lint-staged
  dependency-version: 16.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1647 from GitTools/dependabot/npm_and_yarn/lint-s…
50ac27d 
…taged-16.1.1

(npm): Bump lint-staged from 16.1.0 to 16.1.1
@dependabot
(npm): Bump @types/node from 24.0.1 to 24.0.3 in the types group
0d6fa49 
Bumps the types group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 24.0.1 to 24.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1649 from GitTools/dependabot/npm_and_yarn/types-…
861d539 
…f7bf1d1c76

(npm): Bump @types/node from 24.0.1 to 24.0.3 in the types group
@dependabot
(npm): Bump lint-staged from 16.1.1 to 16.1.2
7650721 
Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 16.1.1 to 16.1.2.
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.1.1...v16.1.2)

---
updated-dependencies:
- dependency-name: lint-staged
  dependency-version: 16.1.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1648 from GitTools/dependabot/npm_and_yarn/lint-s…
9e7eea7 
…taged-16.1.2

(npm): Bump lint-staged from 16.1.1 to 16.1.2
@dependabot
(npm): Bump the eslint group with 3 updates
c95d1a7 
Bumps the eslint group with 3 updates: [@vitest/eslint-plugin](https://github.com/vitest-dev/eslint-plugin-vitest), [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint).


Updates `@vitest/eslint-plugin` from 1.2.5 to 1.2.7
- [Release notes](https://github.com/vitest-dev/eslint-plugin-vitest/releases)
- [Commits](vitest-dev/eslint-plugin-vitest@v1.2.5...v1.2.7)

Updates `eslint-plugin-prettier` from 5.4.1 to 5.5.0
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v5.4.1...v5.5.0)

Updates `typescript-eslint` from 8.34.0 to 8.34.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.34.1/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: "@vitest/eslint-plugin"
  dependency-version: 1.2.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
- dependency-name: eslint-plugin-prettier
  dependency-version: 5.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: typescript-eslint
  dependency-version: 8.34.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
@mergify
Merge pull request #1650 from GitTools/dependabot/npm_and_yarn/eslint…
a3f0133 
…-72fc61b774

(npm): Bump the eslint group with 3 updates
@arturcic @github-advanced-security
Potential fix for code scanning alert no. 11: Incomplete string escap…
d193fe5 
…ing or encoding

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@arturcic arturcic marked this pull request as ready for review June 18, 2025 06:49
@arturcic arturcic requested a review from Copilot June 18, 2025 06:49
Copilot AI reviewed Jun 18, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR addresses code scanning alert no. 11 by updating the Windows command argument escaping logic. The changes ensure that backslashes are escaped before double quotes in the ArgumentsBuilder, and the unit tests have been updated to reflect this new behavior.

  • Updated the escape logic in src/tools/common/arguments-builder.ts to handle backslashes.
  • Updated tests in src/tests/tools/common/arguments-builder.spec.ts to match the new escaping behavior.

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
src/tools/common/arguments-builder.ts Updated the escape logic for Windows by adding a replace call to handle backslashes.
src/tests/tools/common/arguments-builder.spec.ts Updated expected output strings to reflect the additional backslash escapes.

@arturcic arturcic added the enhancement New feature or request label Jun 18, 2025
@arturcic arturcic added this to the v4.x milestone Jun 18, 2025
@arturcic arturcic changed the base branch from main to vnext June 18, 2025 06:57
@arturcic
Copy link
Member Author

arturcic commented Jun 18, 2025

@Mergifyio rebase

@mergify
Copy link
Contributor

mergify bot commented Jun 18, 2025

rebase

❌ Base branch update has failed

Details

Git reported the following error:

Rebasing (1/60)
Rebasing (2/60)
Rebasing (3/60)
Rebasing (4/60)
Rebasing (5/60)
Rebasing (6/60)
Rebasing (7/60)
Rebasing (8/60)
Rebasing (9/60)
Rebasing (10/60)
Rebasing (11/60)
Rebasing (12/60)
Rebasing (13/60)
Rebasing (14/60)
Rebasing (15/60)
Rebasing (16/60)
Rebasing (17/60)
Rebasing (18/60)
Rebasing (19/60)
Rebasing (20/60)
Rebasing (21/60)
Auto-merging .github/workflows/ci.yml
Auto-merging .github/workflows/output-example-1.yml
CONFLICT (content): Merge conflict in .github/workflows/output-example-1.yml
Auto-merging .github/workflows/output-example-2.yml
CONFLICT (content): Merge conflict in .github/workflows/output-example-2.yml
Auto-merging .github/workflows/release.yml
error: could not apply e650164... adds read-all permissions to workflows
hint: Resolve all conflicts manually, mark them as resolved with
hint: "git add/rm <conflicted_files>", then run "git rebase --continue".
hint: You can instead skip this commit: run "git rebase --skip".
hint: To abort and get back to the state before "git rebase", run "git rebase --abort".
Could not apply e650164... adds read-all permissions to workflows

@arturcic
Copy link
Member Author

arturcic commented Jun 18, 2025

@Mergifyio rebase

@arturcic arturcic merged commit 0ae90ef into vnext Jun 18, 2025
12 checks passed
@mergify
Copy link
Contributor

mergify bot commented Jun 18, 2025

rebase

☑️ Nothing to do, the required conditions are not met

Details
  • -conflict [📌 rebase requirement]
  • -closed [📌 rebase requirement]
  • queue-position = -1 [📌 rebase requirement]
  • any of:
    • #commits > 1 [📌 rebase requirement]
    • #commits-behind > 0 [📌 rebase requirement]
    • -linear-history [📌 rebase requirement]

@arturcic arturcic deleted the alert-autofix-11 branch June 18, 2025 07:00
@mergify
Copy link
Contributor

mergify bot commented Jun 18, 2025

Thank you @arturcic for your contribution!

arturcic added a commit to arturcic/gittools-actions that referenced this pull request Jun 18, 2025
@arturcic
Merge pull request GitTools#1627 from GitTools/alert-autofix-11
4f5e2df 
Potential fix for code scanning alert no. 11: Incomplete string escaping or encoding
@arturcic arturcic modified the milestones: v4.x, v4.0.0 Jun 19, 2025
@arturcic arturcic added improvement and removed enhancement New feature or request labels Jun 30, 2025
@gittools-bot
Copy link
Contributor

gittools-bot commented Jun 30, 2025

🎉 This issue has been resolved in version v4.0.0 🎉
The release is available on:

Your GitReleaseManager bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

improvement

Projects

None yet

Milestone

v4.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@arturcic @gittools-bot