@@ -144,7 +144,7 @@ jobs:
144144 run : |
145145 # Validate result files exist and are reasonable size
146146 if [ -f ckc_result.txt ]; then
147- FILE_SIZE=$(stat -f%z ckc_result.txt 2>/dev/null || stat - c%s ckc_result.txt 2>/dev/null)
147+ FILE_SIZE=$(stat -c%s ckc_result.txt 2>/dev/null)
148148 if [ "$FILE_SIZE" -gt 1048576 ]; then # 1MB limit
149149 echo "❌ Security: ckc_result.txt file too large: $FILE_SIZE bytes"
150150 exit 1
@@ -153,7 +153,7 @@ jobs:
153153 fi
154154
155155 if [ -f interdiff_result.txt ]; then
156- FILE_SIZE=$(stat -f%z interdiff_result.txt 2>/dev/null || stat - c%s interdiff_result.txt 2>/dev/null)
156+ FILE_SIZE=$(stat -c%s interdiff_result.txt 2>/dev/null)
157157 if [ "$FILE_SIZE" -gt 1048576 ]; then # 1MB limit
158158 echo "❌ Security: interdiff_result.txt file too large: $FILE_SIZE bytes"
159159 exit 1
@@ -287,11 +287,13 @@ jobs:
287287
288288 # Filter out any potential credential leaks from output
289289 # Use fixed string matching to avoid regex issues with special chars in tokens
290- FILTERED_OUTPUT=$(echo "$OUTPUT" | grep -v -F -e "jira-user" -e "jira-key" -e "basic_auth" -e "Authorization" -e "Bearer")
290+ FILTERED_OUTPUT=$(echo "$OUTPUT" | grep -v -F -e "jira-user" -e "jira-key" -e "basic_auth" -e "Authorization" -e "Bearer" || true )
291291
292292 # Additional safety: remove any lines that might contain the actual token
293- # Do this without putting the token in the command line
294- FILTERED_OUTPUT=$(echo "$FILTERED_OUTPUT" | grep -v "$JIRA_API_USER" || true)
293+ # Do this without putting the token in the command linei
294+ if [ -n "${JIRA_API_USER:-}" ] ; then
295+ FILTERED_OUTPUT=$(echo "$FILTERED_OUTPUT" | grep -v "$JIRA_API_USER" || true)
296+ fi
295297
296298 echo "$FILTERED_OUTPUT"
297299
0 commit comments