Merge pull request #82 from codeplaysoftware/security-fixes

scottstraughan · web-flow · commit e20cdbb878da · 2025-06-18T12:26:47.000+01:00
Small Security Fixes
diff --git a/requirements.txt b/requirements.txt
@@ -24,8 +24,8 @@ Markdown==3.8 \
     --hash=sha256:7df81e63f0df5c4b24b7d156eb81e4690595239b7d70937d0409f1b0de319c6f
 PyYAML==6.0.1 \
     --hash=sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43
-requests==2.32.3 \
-    --hash=sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6
+requests==2.32.4 \
+    --hash=sha256:27babd3cda2a6d50b30443204ee89830707d396671944c998b5975b031ac2b2c
 six==1.17.0 \
     --hash=sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274 \
     --hash=sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81
diff --git a/src/feeds/ProjectFeed.py b/src/feeds/ProjectFeed.py
@@ -109,7 +109,9 @@ def _inject_repository_information(
         """
         Using GitHub, GitLab, Other APIs, load in more useful repository information.
         """
-        if 'github.com' in markdown_file.front_matter['external_url']:
+        external_url = str(markdown_file.front_matter['external_url'])
+
+        if external_url.startswith('https://github.com'):
             return self._inject_github_repository_information(
                 json_feed_item, markdown_file)
         elif 'gitlab_project_id' in markdown_file.front_matter:
