See https://github.com/kolmafia/kolmafia/security/code-scanning
which says "Uncontrolled data used in path expression" remains unresolved.
I have submitted two different patches to eliminate this warning and the scanner has not liked them.
If anyone else has ideas, let me know or submit a PR.
If anyone can tell me how to run the security scan on a PR before it was committed at least I can stop committing things before I know they will make the scanner happy.
Note that we are suppressing a scanner warning about encryption methodology since we use the encryption KoL expects so we really can't change until KoL does.
which says "Uncontrolled data used in path expression" remains unresolved.
I have submitted two different patches to eliminate this warning and the scanner has not liked them.
If anyone else has ideas, let me know or submit a PR.
If anyone can tell me how to run the security scan on a PR before it was committed at least I can stop committing things before I know they will make the scanner happy.
Note that we are suppressing a scanner warning about encryption methodology since we use the encryption KoL expects so we really can't change until KoL does.