Closed raboof closed 1 year ago
did this change come about because of an issue?
No - there was a CodeQL warning that we were using user-submitted input in a query, and while I would be highly surprised if this led to trouble, it seemed like good practice to validate it anyway.
would prefer if you send that upstream then to avoid too many ASF specific changes
Makes sense, https://github.com/Vulnogram/Vulnogram/pull/125
This is likely not strictly necessary, but good to err on the safe side.