From aa4b0ee9d5e5e7912641c0c2af02042329aecf99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:20:57 +0800 Subject: [PATCH 1/7] Potential fix for code scanning alert no. 1: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/update-icons.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/update-icons.yaml b/.github/workflows/update-icons.yaml index 249c78df53..27a42a1ed6 100644 --- a/.github/workflows/update-icons.yaml +++ b/.github/workflows/update-icons.yaml @@ -5,6 +5,10 @@ on: - cron: 0 0 * * * workflow_dispatch: +permissions: + contents: write + pull-requests: write + jobs: load-icons: if: github.repository == 'marticliment/UniGetUI' From 9ef34cfcd9e7b26d6810aa4f713ce1a0b0afc770 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:21:29 +0800 Subject: [PATCH 2/7] Potential fix for code scanning alert no. 2: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/translations-test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/translations-test.yml b/.github/workflows/translations-test.yml index 7d3b0703d9..1ebf68ccaa 100644 --- a/.github/workflows/translations-test.yml +++ b/.github/workflows/translations-test.yml @@ -1,4 +1,7 @@ name: Translation integrity +permissions: + contents: read + pull-requests: write on: pull_request: branches: [ "main" ] From 9c7828e93bf8f9a1bb442a50d2ddaef4b5d253e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:21:46 +0800 Subject: [PATCH 3/7] Potential fix for code scanning alert no. 3: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/dotnet-test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/dotnet-test.yml b/.github/workflows/dotnet-test.yml index a5cf1cb350..eb949b96a8 100644 --- a/.github/workflows/dotnet-test.yml +++ b/.github/workflows/dotnet-test.yml @@ -1,4 +1,6 @@ name: .NET Tests +permissions: + contents: read on: push: branches: [ "main" ] From d1c207b972a5ab8e5213acc9d23514e8ba676aad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:38:31 +0800 Subject: [PATCH 4/7] Potential fix for code scanning alert no. 4: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/update-tolgee.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/update-tolgee.yml b/.github/workflows/update-tolgee.yml index 5624da901a..ff8045893e 100644 --- a/.github/workflows/update-tolgee.yml +++ b/.github/workflows/update-tolgee.yml @@ -1,5 +1,9 @@ name: Tolgee CI +permissions: + contents: read + pull-requests: write + on: schedule: - cron: 0 0 * * * From e68124d8276115bb1a47123f72dfa0f61571db24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:38:46 +0800 Subject: [PATCH 5/7] Potential fix for code scanning alert no. 5: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/winget-prerelease.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/winget-prerelease.yml b/.github/workflows/winget-prerelease.yml index 338de48d1c..8063298e77 100644 --- a/.github/workflows/winget-prerelease.yml +++ b/.github/workflows/winget-prerelease.yml @@ -1,5 +1,8 @@ name: Publish prereleases to WinGet +permissions: + contents: read + on: release: types: [published] # Trigger on published release (includes prereleases) From 296e11be73bea56d81f26c23fb150bc36a03505a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:39:12 +0800 Subject: [PATCH 6/7] Potential fix for code scanning alert no. 6: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/winget-stable.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/winget-stable.yml b/.github/workflows/winget-stable.yml index 5b1ececdf2..c00cfd996c 100644 --- a/.github/workflows/winget-stable.yml +++ b/.github/workflows/winget-stable.yml @@ -4,6 +4,9 @@ on: types: [released] workflow_dispatch: +permissions: + contents: read + jobs: publish: runs-on: ubuntu-latest From 17043a775a172a3a293a9fa799e5f33fbc0575ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A4=CE=BF=20=CE=BC=CE=BF=CF=87=CE=B8=CE=B7=CF=81=CF=8C?= =?UTF-8?q?=20=5E=5F=5E?= <69906215+Malus-risus@users.noreply.github.com> Date: Thu, 29 May 2025 14:39:39 +0800 Subject: [PATCH 7/7] Potential fix for code scanning alert no. 8: DOM text reinterpreted as HTML Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- src/UniGetUI/Assets/Symbols/Font/demo-files/demo.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/UniGetUI/Assets/Symbols/Font/demo-files/demo.js b/src/UniGetUI/Assets/Symbols/Font/demo-files/demo.js index 6f45f1c409..3eb09052ac 100644 --- a/src/UniGetUI/Assets/Symbols/Font/demo-files/demo.js +++ b/src/UniGetUI/Assets/Symbols/Font/demo-files/demo.js @@ -15,7 +15,7 @@ document.body.addEventListener("click", function(e) { testDrive = document.getElementById('testDrive'), testText = document.getElementById('testText'); function updateTest() { - testDrive.innerHTML = testText.value || String.fromCharCode(160); + testDrive.textContent = testText.value || String.fromCharCode(160); if (window.icomoonLiga) { window.icomoonLiga(testDrive); }