From 12d87d6256e9903570593a175136ca2f9ca4c2b2 Mon Sep 17 00:00:00 2001 From: DecDuck Date: Sat, 28 Jun 2025 12:00:42 +1000 Subject: [PATCH] Fix CodeQL warnings --- .github/workflows/ci.yml | 3 +++ .github/workflows/release.yml | 3 +++ components/NewsDirectory.vue | 7 ++----- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5520209..78926f6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,6 +7,9 @@ on: pull_request: branches: - develop + +permissions: + contents: read jobs: typecheck: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b39f2f8..ed29fb5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,6 +8,9 @@ on: schedule: - cron: "0 2 * * *" # run at 2 AM UTC +permissions: + contents: read + jobs: web: name: Push website Docker image to registry diff --git a/components/NewsDirectory.vue b/components/NewsDirectory.vue index 96a8233..6c0ea5a 100644 --- a/components/NewsDirectory.vue +++ b/components/NewsDirectory.vue @@ -151,11 +151,8 @@ const toggleTag = (tag: string) => { }; const formatExcerpt = (excerpt: string) => { - // TODO: same as one in NewsArticleCreateButton - // Convert markdown to HTML - const html = micromark(excerpt); - // Strip HTML tags using regex - return html.replace(/<[^>]*>/g, ""); + // Convert markdown to HTML, micromark is safe + return micromark(excerpt); }; const filteredArticles = computed(() => {