Skip to content

fix(security): prevent shell/JSON injection via PR title in Chat notification workflow#606

Open
XananasX7 wants to merge 1 commit into
google:mainfrom
XananasX7:fix/security-shell-injection-pr-title
Open

fix(security): prevent shell/JSON injection via PR title in Chat notification workflow#606
XananasX7 wants to merge 1 commit into
google:mainfrom
XananasX7:fix/security-shell-injection-pr-title

fix(security): prevent shell/JSON injection in Google Chat notificati…

e991fca
Select commit
Loading
Failed to load commit list.
Google CLA / cla/google failed Jun 28, 2026 in 12s

❌ Missing CLA from one or more contributors

We couldn't find a Contributor License Agreement (CLA) for some of the contributors shown below. All contributors listed must be covered under a CLA for this pull request to be merged.

📝 If you are not currently covered under a CLA, please visit https://cla.developers.google.com/. Once you've signed, follow the "New Contributors" link at the bottom of this page to update this check.


Help! I've signed the CLA, but it's still showing me as unsigned.

Individual signers
Corporate signers
  • Your company has a Point of Contact who decides which employees are authorized to participate. Ask your POC to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the Google project maintainer to go/cla#troubleshoot (Public version).
  • The email used to register you as an authorized contributor must be the same email used in your Git commits. Check your existing CLA data and verify that your email is set on your git commits.
  • The email used to register you as an authorized contributor must also be attached to your GitHub account.
  • You may have Keep my email address private enabled. Without a visible email address, the CLA cannot be checked. Uncheck it and re-create the offending commit, or have your CLA point of contact add your @users.noreply.github.com address to the CLA group.

ℹ️ Googlers: Go here to view more details and manage scans for this pull request.

🔁 New Contributors: Update this check after signing the CLA by clicking here.

Details

The following contributors were found for this pull request:

e991fca PR Opener: @XananasX7 <mehd*******007​@gmail.com>
e991fca Author: <se****ty​@example.com>

(Only the first commit for a unique contributor is listed.)