Skip to content

Fix: Réparer le workflow d'agrégation automatique des articles#18

Merged
EthanThePhoenix38 merged 1 commit intomainfrom
claude/resolve-merge-conflicts-Gd8HS
Jan 14, 2026
Merged

Fix: Réparer le workflow d'agrégation automatique des articles#18
EthanThePhoenix38 merged 1 commit intomainfrom
claude/resolve-merge-conflicts-Gd8HS

Conversation

@EthanThePhoenix38
Copy link
Member

@EthanThePhoenix38 EthanThePhoenix38 commented Jan 14, 2026
edited by coderabbitai bot
Loading

Problèmes résolus :

  • ✅ Correction fonction sanitizeArticle : suppression appels addUTMParams() et cleanSummary() inexistants
  • ✅ Utilisation de getArticleLink() pour liens directs sans UTM tracking
  • ✅ Suppression code dupliqué htmlEscape()
  • ✅ Correction package.json : déplacement sanitize-html vers dependencies
  • ✅ Mise en commentaire LinkedIn dans le workflow (temporairement désactivé)

Le workflow devrait maintenant s'exécuter toutes les 6h sans erreur.

Summary by CodeRabbit

  • Changes

    • Article links now provided without URL tracking parameters
    • Disabled LinkedIn integration in automated background workflows

  • Bug Fixes

    • Improved HTML content sanitization for enhanced security and stability

  • Chores

    • Updated package dependencies with new sanitize-html library for improved content handling

✏️ Tip: You can customize this high-level summary in your review settings.

@claude
Fix: Réparer le workflow d'agrégation automatique des articles
e6283ce 
Problèmes résolus :
- ✅ Correction fonction sanitizeArticle : suppression appels addUTMParams() et cleanSummary() inexistants
- ✅ Utilisation de getArticleLink() pour liens directs sans UTM tracking
- ✅ Suppression code dupliqué htmlEscape()
- ✅ Correction package.json : déplacement sanitize-html vers dependencies
- ✅ Mise en commentaire LinkedIn dans le workflow (temporairement désactivé)

Le workflow devrait maintenant s'exécuter toutes les 6h sans erreur.
Copilot AI review requested due to automatic review settings January 14, 2026 14:35
@coderabbitai
Copy link

coderabbitai bot commented Jan 14, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

The PR modernizes article processing by integrating HTML sanitization library, refactoring aggregator logic to use unified sanitization instead of manual escaping, reorganizing package dependencies, and disabling LinkedIn credential integration in the CI/CD workflow.

Changes

Cohort / File(s) Summary
CI/CD Workflow
.github/workflows/update-ai-pulse.yml		 Removed LinkedIn credentials from the "Aggregate AI and Cybersecurity articles" step's env block via commented-out placeholders, effectively disabling LinkedIn integration in the workflow.
Project Dependencies
package.json		 Added sanitize-html@^2.17.0 as a direct dependency and removed rss-parser and sanitize-html from the engines section, elevating them from engine constraints to standard dependencies.
Article Processing Logic
src/aggregator.js		 Refactored sanitization approach: replaced manual htmlEscape() calls with sanitizeText() for title and summary fields, changed link transformation from addUTMParams() to getArticleLink() (removing UTM tracking), and removed the htmlEscape function entirely.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 With sanitized HTML so clean and so bright,
We hop through the articles, stripped of their blight!
No UTM tracking to clutter the way,
Just pure, wholesome content to brighten the day! 🌟

✨ Finishing touches
  • 📝 Generate docstrings
📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ded6578 and e6283ce.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (3)
  • .github/workflows/update-ai-pulse.yml
  • package.json
  • src/aggregator.js

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

@EthanThePhoenix38 EthanThePhoenix38 merged commit 3b9ecd7 into main Jan 14, 2026
6 of 7 checks passed
@EthanThePhoenix38 EthanThePhoenix38 deleted the claude/resolve-merge-conflicts-Gd8HS branch January 14, 2026 14:35
Copilot AI reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes the automated article aggregation workflow by removing calls to non-existent functions, cleaning up duplicate code, correcting the package.json structure, and temporarily disabling LinkedIn integration.

Changes:

  • Removed duplicate htmlEscape() function and calls to non-existent addUTMParams() and cleanSummary() functions in sanitizeArticle()
  • Fixed package.json structure by moving sanitize-html from a malformed location to the proper dependencies section
  • Commented out LinkedIn environment variables in the GitHub workflow (temporarily disabled)

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.

File Description
src/aggregator.js Removed duplicate htmlEscape() function definition and fixed sanitizeArticle() to use existing sanitizeText() and getArticleLink() functions instead of non-existent ones
package.json Fixed JSON structure by moving sanitize-html dependency to proper location within dependencies object
package-lock.json Updated lock file metadata (name, version, license) and structure to match package.json changes
.github/workflows/update-ai-pulse.yml Commented out LinkedIn-related environment variables to temporarily disable LinkedIn integration
Comments suppressed due to low confidence (4)

src/aggregator.js:4

  • Unused variable Octokit.
const { Octokit } = require('@octokit/rest');

src/aggregator.js:38

  • Unused function htmlEscape.
function htmlEscape(input) {

src/aggregator.js:237

  • Unused function postToLinkedIn.
async function postToLinkedIn(article) {

src/aggregator.js:251

  • Unused variable response.
    const response = await axios.post(

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/update-ai-pulse.yml
@@ -29,9 +29,10 @@ jobs:
npm install axios cheerio rss-parser @octokit/rest
Copy link

Copilot AI Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow is missing the sanitize-html dependency in the install step. The code at line 5 of src/aggregator.js requires sanitize-html, but the npm install command only includes axios, cheerio, rss-parser, and @octokit/rest. This will cause the workflow to fail with a module not found error. Consider either adding sanitize-html to the install command or replacing line 29 with npm install to install all dependencies from package.json.

Copilot uses AI. Check for mistakes.
EthanThePhoenix38 added a commit that referenced this pull request Jan 31, 2026
@EthanThePhoenix38
security: comprehensive fix for code scanning alert #18 and privacy i…
0e19b9a 
…mprovements (XSS mitigation, PII removal)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

backend ci-cd configuration dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@EthanThePhoenix38 @claude