From 46498994e7c74cc22124af78c8a87a164887a02f Mon Sep 17 00:00:00 2001 From: reinamora Date: Wed, 11 Sep 2024 12:41:29 -0500 Subject: [PATCH] chore: sanitize string on issue creation --- .github/workflows/create_issue_from_discussion.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/create_issue_from_discussion.yml b/.github/workflows/create_issue_from_discussion.yml index 9149c99..b7d6a9a 100644 --- a/.github/workflows/create_issue_from_discussion.yml +++ b/.github/workflows/create_issue_from_discussion.yml @@ -35,18 +35,23 @@ jobs: // Generate a unique ID const uniqueId = `DI-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`; + // Sanitize title and body + const sanitizeString = (str) => str.replace(/[^\w\s-]/g, '').trim(); + const safeTitle = sanitizeString(discussion.title); + const safeBody = sanitizeString(discussion.body); + // Create issue const issue = await github.rest.issues.create({ owner: owner, repo: repo, - title: `Discussion: ${discussion.title}`, - body: `Created from discussion: ${discussion.html_url}\n\nDiscussion-Issue-ID: ${uniqueId}\n\n${discussion.body}`, + title: `Discussion: ${safeTitle}`, + body: `Created from discussion: ${discussion.html_url}\n\nDiscussion-Issue-ID: ${uniqueId}\n\n${safeBody}`, labels: ['from-discussion'] }); // Update discussion with issue link const issueUrl = issue.data.html_url; - const updatedBody = `${discussion.body}\n\n---\nIssue created: ${issueUrl}\nDiscussion-Issue-ID: ${uniqueId}`; + const updatedBody = `${safeBody}\n\n---\nIssue created: ${issueUrl}\nDiscussion-Issue-ID: ${uniqueId}`; await github.graphql(` mutation($discussionId: ID!, $body: String!) {