From 352adb49168bb06d3fc58ecd2aaffae2dca22a34 Mon Sep 17 00:00:00 2001 From: Konstantin Dinev Date: Mon, 4 Nov 2024 16:21:43 +0200 Subject: [PATCH 1/4] Fix code scanning alert no. 28: Inefficient regular expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- src/js/modules/infragistics.templating.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/js/modules/infragistics.templating.js b/src/js/modules/infragistics.templating.js index c2734ba53..7c2b690b1 100644 --- a/src/js/modules/infragistics.templating.js +++ b/src/js/modules/infragistics.templating.js @@ -127,7 +127,7 @@ Use $.ig.regExp.sub.exec(tmpl) in order to get the substitution element in the tmpl string */ nonEncodeSub: /\{\{html\s+([\w\$\-]+(\.|\s)?[\w\$\-]*)+\}\}/, - forSub: /\$\{(([\w\$]+\.[\w\$]*)+)\}/, + forSub: /\$\{(([\w\$]+\.[\w\$]+)+)\}/, arg: /args\[\d+\](?!.*\+)/, /* type="RegExp" Matches any block directive in the template Use $.ig.regExp.block.exec(tmpl) in order to get the block directive in the tmpl string From 6c7f4be9f65efdf15ec7f02ab1f03b60df532019 Mon Sep 17 00:00:00 2001 From: kdinev Date: Tue, 5 Nov 2024 11:47:34 +0200 Subject: [PATCH 2/4] chore(*): updating codeql actions --- .github/workflows/codeql-analysis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4c3bbf783..d8ad4ca41 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 From 0f2575ef511642dd8145ad04fa302c7699f74ea9 Mon Sep 17 00:00:00 2001 From: kdinev Date: Tue, 5 Nov 2024 11:57:03 +0200 Subject: [PATCH 3/4] chore(*): updating coveralls action --- .github/workflows/node.js.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index 69068b069..dbd615bf8 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -32,7 +32,7 @@ jobs: - name: Publish to coveralls.io if: github.repository == 'IgniteUI/ignite-ui' && matrix.node-version == '20.x' - uses: coverallsapp/github-action@v1.1.2 + uses: coverallsapp/github-action@v1.2.1 with: path-to-lcov: ./coverage/lcov.info github-token: ${{ github.token }} From 39bbb8e05e1b4cbb9da6aacd19b2188737151bdb Mon Sep 17 00:00:00 2001 From: Konstantin Dinev Date: Tue, 5 Nov 2024 14:46:17 +0200 Subject: [PATCH 4/4] Fix code scanning alert no. 327: Inefficient regular expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- src/js/modules/infragistics.templating.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/js/modules/infragistics.templating.js b/src/js/modules/infragistics.templating.js index 7c2b690b1..7480175f0 100644 --- a/src/js/modules/infragistics.templating.js +++ b/src/js/modules/infragistics.templating.js @@ -127,7 +127,7 @@ Use $.ig.regExp.sub.exec(tmpl) in order to get the substitution element in the tmpl string */ nonEncodeSub: /\{\{html\s+([\w\$\-]+(\.|\s)?[\w\$\-]*)+\}\}/, - forSub: /\$\{(([\w\$]+\.[\w\$]+)+)\}/, + forSub: /\$\{([\w\$]+\.[\w\$]+(?:\.[\w\$]+)*)\}/, arg: /args\[\d+\](?!.*\+)/, /* type="RegExp" Matches any block directive in the template Use $.ig.regExp.block.exec(tmpl) in order to get the block directive in the tmpl string