Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DO NOT REVIEW: added a new line to generate a CodeQL alert #5204

Open
wants to merge 2 commits into
base: gh-pages
Choose a base branch
from
Open

DO NOT REVIEW: added a new line to generate a CodeQL alert #5204

wants to merge 2 commits into from

Conversation

roslynwythe
Copy link
Member

@roslynwythe roslynwythe commented Aug 15, 2023
edited
Loading

no linked issue. Please do not review this PR. It is a test to explore how CodeQL alerts appear and are managed within a PR

What changes did you make?

  • I added a space to a line that had previously been flagged as having a 'potentially unsafe' link
  • within a liquid comment I added another instance of a 'potentially unsafe external link`

Why did you make the changes (we will use this info to test)?

  • Testing - please do not review this PR
  • I plan to dismiss one or both of the alerts within the PR annotation and see how that action is displayed and recorded.

Screenshots of Proposed Changes Of The Website (if any, please do not screen shot code changes)

No visual changes

@roslynwythe roslynwythe added the Ignore: Test Issue was created for testing purposes only label Aug 15, 2023
@HackforLABot HackforLABot added this to PR Needs review (Automated Column, do not place items here manually) in Project Board Aug 15, 2023
@github-actions

This comment was marked as off-topic.

Sign in to view
@roslynwythe roslynwythe mentioned this pull request Aug 15, 2023
Open
2 tasks
@roslynwythe roslynwythe added the Draft Issue is still in the process of being created label Aug 16, 2023
@roslynwythe roslynwythe changed the title added a new line to generate a CodeQL alert DO NOT REVIEW: added a new line to generate a CodeQL alert Aug 16, 2023
@roslynwythe
Update about-card-sponsors.html
0b4d036 
added new instance of "potentially unsafe external link" for testing CodeQL
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 21, 2023
View reviewed changes
_includes/about-page/about-card-sponsors.html
@@ -7,7 +7,14 @@
<div class="flex-container-row flex-container-row--partners">
{% comment %}
{%for sponsor in site.data.internal.sponsors%}
<a href="{{sponsor.link}}" target="_blank" alt="{{sponsor.name}}">
<a href="{{sponsor.link}}" target="_blank" alt="{{sponsor.name}}" >

Check warning

Code scanning / CodeQL

Potentially unsafe external link Medium

External links without noopener/noreferrer are a potential security risk.
_includes/about-page/about-card-sponsors.html
{% endcomment %}
{% comment %}
{%for sponsor in site.data.internal.sponsors%}
<a href="{{sponsor.link}}" target="_blank" alt="test" >

Check warning

Code scanning / CodeQL

Potentially unsafe external link Medium

External links without noopener/noreferrer are a potential security risk.
@roslynwythe roslynwythe mentioned this pull request Oct 3, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Draft Issue is still in the process of being created Ignore: Test Issue was created for testing purposes only
Projects
HfLA Website: Project Board
Status: PR Needs review (Automated Column, do not place items here manually)
Project Board
  
PR Needs review (Automated Column, do...
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@roslynwythe