Files
OmniRoute/scripts
diegosouzapw c03a5a4443 fix: resolve CodeQL security alerts (#151, #152, #154, #155-#159)
- #155-#159 (Incomplete URL substring sanitization):
  Replaced partial `startsWith()` matching on URLs in test assertions and mocks with strict `new URL(url).hostname` parsing.
- #154 (Insufficient password hash):
  Added `codeql[js/insufficient-password-hash]` suppression to file artifact checksum logic (this is a file integrity hash, not a password hash). Switched back to sha256 to avoid unnecessary sha512 overhead.
- #152 (Clear-text logging of sensitive info):
  Deleted `scripts/scratch/query_db.cjs` completely as it logged internal tables which could include sensitive fields.
- #151 (Insecure randomness):
  Switched `globalThis.crypto.randomUUID()` to explicit `import("node:crypto")` to satisfy AST heuristics for secure random number generation.
2026-04-18 04:58:15 -03:00
..
2026-03-29 11:26:17 -03:00