Skip to content

DYN-10536: Fix security vulnerability#17123

Closed
edwin-vasquez-ucaldas wants to merge 1 commit into
DynamoDS:masterfrom
edwin-vasquez-ucaldas:git-actions-test
Closed

DYN-10536: Fix security vulnerability#17123
edwin-vasquez-ucaldas wants to merge 1 commit into
DynamoDS:masterfrom
edwin-vasquez-ucaldas:git-actions-test

Conversation

@edwin-vasquez-ucaldas

Copy link
Copy Markdown
Contributor

Purpose

Solving ant testing DYN-10536

Declarations

Check these if you believe they are true

Release Notes

(FILL ME IN) Brief description of the fix / enhancement. Use N/A to indicate that the changes in this pull request do not apply to Release Notes. Mandatory section

Reviewers

(FILL ME IN) Reviewer 1 (If possible, assign the Reviewer for the PR)

(FILL ME IN, optional) Any additional notes to reviewers or testers.

FYIs

(FILL ME IN, Optional) Names of anyone else you wish to be notified of

Copilot AI review requested due to automatic review settings May 27, 2026 20:51
@github-actions github-actions Bot changed the title Fix security vulnerability DYN-10536: Fix security vulnerability May 27, 2026

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See the ticket for this pull request: https://jira.autodesk.com/browse/DYN-10536

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens the issue type prediction workflow by reducing GitHub token permissions and avoiding direct interpolation of issue data inside shell commands.

Changes:

  • Adds least-privilege workflow permissions for issue labeling and repository checkout.
  • Passes issue content, generated JSON, and issue metadata through environment variables with safer quoting.
  • Uses multiline-safe GITHUB_ENV writes and documents token choices for downstream workflow behavior.

@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants