Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -49,17 +49,24 @@ jobs:
4949 # 4. Extract details from the first alert found
5050 PACKAGE=$(echo "$ALERTS" | jq -r '.[0] | .dependency.package.name')
5151 SEVERITY=$(echo "$ALERTS" | jq -r '.[0] | .security_advisory.severity')
52- URL=$(echo "$ALERTS" | jq -r '.[0] | .html_url')
5352 STATE=$(echo "$ALERTS" | jq -r '.[0] | .state')
5453
55- # 5. Send Slack Notification
56- # Build message text using jq to safely handle user input
54+ REPO_NAME: ${{ github.repository }}
55+ SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
56+
57+ ISSUE_TITLE=$(echo "$ALERTS" | jq -r '.[0] | .dependency.package.name + " (" + .security_advisory.severity + ")"')
58+ ISSUE_USER="Dependabot"
59+ ISSUE_URL=$(echo "$ALERTS" | jq -r '.[0] | .html_url')
60+
61+ # FIX: We pass the template string as an argument (--arg template)
62+ # This prevents the "syntax error: unexpected '*'" because jq doesn't try to parse the asterisks as code.
5763 MESSAGE_TEXT=$(jq -n \
5864 --arg repo "$REPO_NAME" \
5965 --arg title "$ISSUE_TITLE" \
6066 --arg user "$ISSUE_USER" \
6167 --arg url "$ISSUE_URL" \
62- '*📢 New Dependabot Alert \($repo) 📢*\n\n*Issue Title:* \($title)\n*Opened By:* \($user)\n\n*View Issue:* \($url)')
68+ --arg template "*📢 New Dependabot Alert ($REPO_NAME) 📢*\n\n*Issue Title:* $ISSUE_TITLE\n*Opened By:* $ISSUE_USER\n\n*View Issue:* $ISSUE_URL" \
69+ '$template')
6370
6471 # Build Slack payload
6572 SLACK_PAYLOAD=$(jq -n \
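Review bot: The two added lines `REPO_NAME: ${{ github.repository }}` and `SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}` (new 54–55) are YAML `env:` mapping entries, yet they sit between the shell statements of the `run:` script, after `STATE=...` and before `ISSUE_TITLE=...` — this rendering drops indentation, so please confirm where they actually land. If they are inside `run:`, the `${{ }}` expressions are expanded into the script text before bash starts, so bash tries to execute a command named `REPO_NAME:` (and `SLACK_WEBHOOK:` with the raw webhook URL as its argument) and the step fails with "command not found"; expanding a secret straight into script text is also the pattern GitHub's security hardening guidance says to avoid, so move both into the step's `env:` block and let the script read `$REPO_NAME` / `$SLACK_WEBHOOK` from the environment. Separately, the `--arg template "..."` workaround at new 68–69 leaves the four `--arg repo/title/user/url` lines dead and turns the message's `\n` into literal backslash-n characters (bash double quotes do not interpret `\n`, and jq `--arg` passes the string as-is), so Slack would receive `\n` text rather than line breaks unless something downstream unescapes it. The original "unexpected '*'" error came only from the jq program not being written as a string literal; keeping the original `--arg` interpolation and writing the program as `'"*📢 New Dependabot Alert \($repo) 📢*\n\n*Issue Title:* \($title)\n*Opened By:* \($user)\n\n*View Issue:* \($url)"'` fixes the syntax error while preserving jq's own escaping of the alert fields and real newlines. The run step continues past the hunk (the `SLACK_PAYLOAD=$(jq -n \` line is cut off), so I cannot see how MESSAGE_TEXT is consumed.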