Skip to content

[Aikido] AI Fix for Template Injection in GitHub Workflows Action#96

Merged
crispy101 merged 5 commits into
mainfrom
fix/aikido-security-sast-25820388-i8q5
Apr 24, 2026
Merged

[Aikido] AI Fix for Template Injection in GitHub Workflows Action#96
crispy101 merged 5 commits into
mainfrom
fix/aikido-security-sast-25820388-i8q5

Conversation

@aikido-autofix
Copy link
Copy Markdown
Contributor

@aikido-autofix aikido-autofix Bot commented Apr 24, 2026

This patch mitigates template injection vulnerabilities in GitHub Workflows by replacing direct references with an environment variable.

Aikido used AI to generate this PR.

High confidence: Aikido has a robust set of benchmarks for similar fixes, and they are proven to be effective.

@aikido-autofix aikido-autofix Bot requested a review from a team as a code owner April 24, 2026 00:43
aikido-pr-checks[bot]
aikido-pr-checks Bot reviewed Apr 24, 2026
View reviewed changes
Comment thread .github/workflows/owasp.yml
crispy101
crispy101 previously approved these changes Apr 24, 2026
View reviewed changes
@crispy101 @claude
fix(bigcommerce): update test data to match BigCommerce schema changes
c193c0f 
AKD-305

- Add missing `availableOnHand` and `unlimitedBackorder` properties to
  the Aggregated type in test data
- Remove obsolete @ts-expect-error directives for locationEntityServiceTypeIds
  which is no longer required in the schema

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@crispy101 crispy101 requested a review from a team as a code owner April 24, 2026 03:01
@crispy101 crispy101 requested a review from ryanrixxh April 24, 2026 03:01
@crispy101 crispy101 force-pushed the fix/aikido-security-sast-25820388-i8q5 branch 2 times, most recently from 5ac2578 to 074626b Compare April 24, 2026 03:09
@crispy101 @claude
fix(bigcommerce): add missing InventoryByLocations properties
ab51590 
AKD-305

- Add backorderMessage and locationEntityServiceTypeIds to each location
  node to satisfy updated BigCommerce schema requirements

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@crispy101 crispy101 force-pushed the fix/aikido-security-sast-25820388-i8q5 branch from 074626b to ab51590 Compare April 24, 2026 03:12
@crispy101 crispy101 self-requested a review April 24, 2026 03:24
kai-nguyen-aligent
kai-nguyen-aligent approved these changes Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@kai-nguyen-aligent kai-nguyen-aligent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@crispy101 crispy101 merged commit 684e2df into main Apr 24, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crispy101 crispy101 crispy101 approved these changes

@kai-nguyen-aligent kai-nguyen-aligent kai-nguyen-aligent approved these changes

@aaronmedina-dev aaronmedina-dev Awaiting requested review from aaronmedina-dev aaronmedina-dev is a code owner automatically assigned from aligent/devops

@ryanrixxh ryanrixxh Awaiting requested review from ryanrixxh ryanrixxh is a code owner automatically assigned from aligent/microservices

+1 more reviewer

@aikido-pr-checks aikido-pr-checks[bot] aikido-pr-checks[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@crispy101 @kai-nguyen-aligent