Skip to content

Potential fix for code scanning alert no. 1: Missing regular expression anchor#7

Merged
alxxjohn merged 1 commit into
mainfrom
alert-autofix-1
Jun 16, 2026
Merged

Potential fix for code scanning alert no. 1: Missing regular expression anchor#7
alxxjohn merged 1 commit into
mainfrom
alert-autofix-1

Conversation

@alxxjohn

Copy link
Copy Markdown
Contributor

Potential fix for https://github.com/devr-tools/codeguard/security/code-scanning/1

General fix: make each alternation branch explicitly bounded so matches occur at expected token boundaries, not arbitrary mid-token substrings.

Best fix here (without changing functionality): update goPkgErrorsPattern to require non-identifier boundaries around the two alternatives. This preserves “find usage anywhere in source text” while preventing accidental partial-token matches and satisfying anchor intent in practice.

Edit only:

  • internal/codeguard/checks/quality/quality_ai_style_drift.go
  • the goPkgErrorsPattern declaration in the var block.

No new imports, methods, or dependencies are needed.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…on anchor

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@alxxjohn
alxxjohn marked this pull request as ready for review June 16, 2026 21:20
@alxxjohn
alxxjohn merged commit d79b481 into main Jun 16, 2026
13 checks passed
@alxxjohn
alxxjohn deleted the alert-autofix-1 branch June 16, 2026 21:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant