The GitHub Actions job "link-check" on airflow-steward.git/feat-sandbox-lint has succeeded. Run started by GitHub user andreahlert (triggered by andreahlert).
Head commit for run: 0dd404fb6cfc4ab85a885d5b17b5b8f37e4003bc / André Ahlert <[email protected]> fix(sandbox-lint): satisfy lychee and CodeQL on the M.29 PR Two CI failures on PR #93 against `apache/airflow-steward`: - `lychee` fails because `tools/sandbox-lint/README.md` linked to `docs/security/threat-model.md` paths and anchors — that file lands in a companion PR and is not on `main` yet. Replace the three direct links with prose references that note the threat-model doc is a companion PR; the lint stands on its own. - `CodeQL` (`py/incomplete-url-substring-sanitization`) fires on the test sentinel `evil.example.com` because the rule keys on hostname-shaped literals appearing in `in` substring checks. This is test code asserting against a diff message, not URL validation, but the rule is right that hostname-shaped sentinels are a footgun. Rename to `sandbox-lint-test-extra-marker` so the sentinel is unambiguously not a URL pattern. Generated-by: Claude Opus 4.7 Report URL: https://github.com/apache/airflow-steward/actions/runs/25522294334 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
