@@ -75,13 +75,23 @@ jobs:
7575 - name : Checkout repository
7676 uses : actions/checkout@v4
7777
78- - name : Run Gitleaks
79- uses : gitleaks/gitleaks-action@v2
80- env :
81- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
82- GITLEAKS_LICENSE : ${{ secrets.GITLEAKS_LICENSE }}
78+ - name : Run Gitleaks (fail on leaks)
79+ uses : docker://gitleaks/gitleaks:latest
8380 with :
84- args : detect --no-git -v --redact --exit-code 1
81+ args : detect --source . --no-git --redact --report-format sarif --report-path gitleaks.sarif --exit-code 1
82+
83+ - name : Upload Gitleaks SARIF as artifact
84+ if : always() && hashFiles('gitleaks.sarif') != ''
85+ uses : actions/upload-artifact@v4
86+ with :
87+ name : gitleaks-scan-results
88+ path : gitleaks.sarif
89+
90+ - name : Upload Gitleaks SARIF to Code Scanning
91+ if : always() && hashFiles('gitleaks.sarif') != ''
92+ uses : github/codeql-action/upload-sarif@v3
93+ with :
94+ sarif_file : gitleaks.sarif
8595
8696 dependency_audit :
8797 name : Dependency Vulnerability Audit
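Review bot: The new scan step `uses: docker://gitleaks/gitleaks:latest` runs a mutable tag, so the image that gates this job can change without any commit to the workflow. Pin it to a specific release tag or, better, an image digest, e.g. `uses: docker://gitleaks/gitleaks@sha256:<DIGEST_PLACEHOLDER>`. The `github/codeql-action/upload-sarif@v3` step also needs `security-events: write` on the job. The `permissions` block is not visible in this hunk, so confirm it is granted; otherwise the Code Scanning upload will fail exactly when a leak is found. Keeping `--redact` matters here because the SARIF file is now stored as an artifact and uploaded.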
@@ -58,15 +58,19 @@ export function getTextBySelector(selector) {
5858 if ( selector . includes ( '*' ) ) {
5959 const parts = selector . split ( ' ' ) ;
6060
61+ const toSafe = ( s ) =>
62+ typeof CSS !== 'undefined' && CSS . escape
63+ ? CSS . escape ( s )
64+ : s . replace ( / [ \" ] / g, '$&' ) . replace ( / ] / g, ']' ) ;
65+
6166 const modifiedParts = parts . map ( ( part ) => {
62- if ( part . includes ( '*' ) ) {
63- if ( part . startsWith ( '.' ) ) {
64- return `[class*="${ part . replace ( '.' , '' ) . replace ( '*' , '' ) } "]` ;
65- } else {
66- return `[${ part . replace ( '*' , '' ) } ]` ;
67- }
67+ if ( ! part . includes ( '*' ) ) return part ;
68+ if ( part . startsWith ( '.' ) ) {
69+ const raw = part . replace ( / \. / g, '' ) . replace ( / \* / g, '' ) ;
70+ return `[class*="${ toSafe ( raw ) } "]` ;
6871 }
69- return part ;
72+ const rawAttr = part . replace ( / \* / g, '' ) ;
73+ return `[${ toSafe ( rawAttr ) } ]` ;
7074 } ) ;
7175
7276 const modifiedSelector = modifiedParts . join ( ' ' ) ;
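Review bot: The fallback branch of `toSafe` escapes nothing as rendered here: `'$&'` re-inserts the match unchanged and `.replace(/]/g, ']')` replaces `]` with itself. Where `CSS.escape` is missing (possibly the DOM used by the test runner), a `"` or `]` in a selector part can still close the attribute selector early. A working fallback would be `: s.replace(/["\\\]]/g, '\\$&');`. Separately, passing the whole `rawAttr` through `CSS.escape` also escapes `=` and quotes, so a part carrying an attribute value would presumably now match as an attribute name only; add a test if such inputs are supported. `getTextBySelector` starts before and continues after this hunk.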
@@ -158,8 +158,8 @@ describe('Content', () => {
158158 const rule = {
159159 tab : {
160160 title : '@0 | $0' ,
161- title_matcher : '[a-z]*@gmail.com' ,
162- url_matcher : '[a-z]* .google.com' ,
161+ title_matcher : '^ [a-z]*@gmail\\ .com$ ' ,
162+ url_matcher : '^ [a-z]+\\ .google\\ .com$ ' ,
163163 } ,
164164 } ;
165165