Merge pull request #96 from aligent/fix/aikido-security-sast-25820388-i8q5

crispy101 · web-flow · commit 684e2df02f1d · 2026-04-24T13:42:19.000+09:30
[Aikido] AI Fix for Template Injection in GitHub Workflows Action
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -53,11 +53,14 @@ jobs:
           ORO_STORE_URL: ${{ secrets.ORO_STORE_URL }}
           STORE_HASH: ${{ secrets.STORE_HASH }}
           X_AUTH_TOKEN: ${{ secrets.X_AUTH_TOKEN }}
-        run: yarn nx docker-build ${{ inputs.application }}
+          APPLICATION: ${{ inputs.application }}
+        run: yarn nx docker-build $APPLICATION
 
       - name: Save Docker image to a tar file
+        env:
+          APPLICATION: ${{ inputs.application }}
         run: |
-          docker save ${{ inputs.application }}:latest -o /tmp/${{ inputs.application }}.tar
+          docker save $APPLICATION:latest -o /tmp/$APPLICATION.tar
 
       - name: Upload Docker image as artifact
         uses: actions/upload-artifact@v4
diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml
@@ -38,11 +38,13 @@ jobs:
           path: code
 
       - name: Fetch dependency check script
+        env:
+          INPUT_VERSION: ${{ inputs.version }}
         run: |
-          if [ -z "${{ inputs.version }}" ]; then
+          if [ -z "$INPUT_VERSION" ]; then
             VERSION=$(curl -s https://jeremylong.github.io/DependencyCheck/current.txt)
           else
-            VERSION=${{ inputs.version }}
+            VERSION=$INPUT_VERSION
           fi
           curl -Ls "https://github.com/jeremylong/DependencyCheck/releases/download/v$VERSION/dependency-check-$VERSION-release.zip" --output dependency-check.zip
 
diff --git a/packages/modules/bigcommerce/src/factories/helpers/__tests__/__data__/transform-product-location-data.ts b/packages/modules/bigcommerce/src/factories/helpers/__tests__/__data__/transform-product-location-data.ts
@@ -4,12 +4,18 @@ export const productInventoryLocation: VariantInventory = {
     isInStock: true,
     aggregated: {
         availableToSell: 31,
+        availableOnHand: 31,
         warningLevel: 2,
+        unlimitedBackorder: false,
     },
     byLocation: {
+        pageInfo: {
+            hasNextPage: false,
+            hasPreviousPage: false,
+        },
         edges: [
             {
-                // @ts-expect-error: error is due to required but deprecated field locationEntityServiceTypeIds
+                cursor: 'cursor1',
                 node: {
                     locationEntityId: 1,
                     locationEntityCode: 'BC-LOCATION-1',
@@ -18,10 +24,12 @@ export const productInventoryLocation: VariantInventory = {
                     availableToSell: 11,
                     warningLevel: 2,
                     isInStock: true,
+                    backorderMessage: '',
+                    locationEntityServiceTypeIds: [],
                 },
             },
             {
-                // @ts-expect-error: error is due to required but deprecated field locationEntityServiceTypeIds
+                cursor: 'cursor2',
                 node: {
                     locationEntityId: 2,
                     locationEntityCode: 'BIGC-2',
@@ -30,10 +38,12 @@ export const productInventoryLocation: VariantInventory = {
                     availableToSell: 20,
                     warningLevel: 0,
                     isInStock: true,
+                    backorderMessage: '',
+                    locationEntityServiceTypeIds: [],
                 },
             },
             {
-                // @ts-expect-error: error is due to required but deprecated field locationEntityServiceTypeIds
+                cursor: 'cursor3',
                 node: {
                     locationEntityId: 3,
                     locationEntityCode: '',
@@ -42,6 +52,8 @@ export const productInventoryLocation: VariantInventory = {
                     availableToSell: 0,
                     warningLevel: 0,
                     isInStock: false,
+                    backorderMessage: '',
+                    locationEntityServiceTypeIds: [],
                 },
             },
         ],
@@ -57,6 +69,8 @@ export const transformedProductLocations = [
         availableToSell: 11,
         warningLevel: 2,
         isInStock: true,
+        backorderMessage: '',
+        locationEntityServiceTypeIds: [],
         __typename: 'ByLocation',
     },
     {
@@ -67,6 +81,8 @@ export const transformedProductLocations = [
         availableToSell: 20,
         warningLevel: 0,
         isInStock: true,
+        backorderMessage: '',
+        locationEntityServiceTypeIds: [],
         __typename: 'ByLocation',
     },
     {
@@ -77,6 +93,8 @@ export const transformedProductLocations = [
         availableToSell: 0,
         warningLevel: 0,
         isInStock: false,
+        backorderMessage: '',
+        locationEntityServiceTypeIds: [],
         __typename: 'ByLocation',
     },
 ];
