fix(vulns): fix various vulnerabilities and enhanced code security (#…

8f06aec
Merged

v0.4.12: guardrails, mistral models, privacy policy updates #1608

GitHub Advanced Security / CodeQL succeeded Oct 12, 2025 in 2s

No new alerts in code changed by this pull request

Annotations

Check failure on line 59 in apps/sim/lib/copilot/tools/server/other/make-api-request.ts

Code scanning / CodeQL

Incomplete multi-character sanitization High

This string may still contain <script, which may cause an HTML element injection vulnerability.

Check failure on line 59 in apps/sim/lib/copilot/tools/server/other/make-api-request.ts

Code scanning / CodeQL

Bad HTML filtering regexp High

This regular expression does not match script end tags like </script\t\n bar>.

Check failure on line 60 in apps/sim/lib/copilot/tools/server/other/make-api-request.ts

Code scanning / CodeQL

Incomplete multi-character sanitization High

This string may still contain <style, which may cause an HTML element injection vulnerability.

Check failure on line 52 in apps/sim/tools/confluence/utils.ts

Code scanning / CodeQL

Incomplete multi-character sanitization High

This string may still contain <script, which may cause an HTML element injection vulnerability.

Check failure on line 12 in apps/sim/tools/sharepoint/utils.ts

Code scanning / CodeQL

Incomplete multi-character sanitization High

This string may still contain <script, which may cause an HTML element injection vulnerability.