From 6013f46289ff6ca509bafa86218df7accdc3f0c4 Mon Sep 17 00:00:00 2001 From: soonnae Date: Fri, 25 Jul 2025 21:13:35 +0900 Subject: [PATCH 1/3] [Autofic] Create package.json and CI workflow --- .github/workflows/pr_notify.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/pr_notify.yml diff --git a/.github/workflows/pr_notify.yml b/.github/workflows/pr_notify.yml new file mode 100644 index 00000000..2b34036d --- /dev/null +++ b/.github/workflows/pr_notify.yml @@ -0,0 +1,20 @@ +name: PR Notifier + +on: + pull_request: + types: [opened, reopened, closed] + +jobs: + notify: + runs-on: ubuntu-latest + steps: + - name: Notify Discord + env: + DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} + run: | + curl -H "Content-Type: application/json" -d '{"content": "🔔 Pull Request [${{ github.event.pull_request.title }}](${{ github.event.pull_request.html_url }}) by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $DISCORD_WEBHOOK_URL + - name: Notify Slack + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + run: | + curl -H "Content-Type: application/json" -d '{"text": ":bell: Pull Request <${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}> by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $SLACK_WEBHOOK_URL From ac3e930303cf174a8ee40d15dfb0c2c807dc38ca Mon Sep 17 00:00:00 2001 From: soonnae Date: Fri, 25 Jul 2025 21:13:39 +0900 Subject: [PATCH 2/3] [Autofic] 1 malicious code detected!! --- app/socketio.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/socketio.js b/app/socketio.js index 2ef0b91a..8b5e85aa 100644 --- a/app/socketio.js +++ b/app/socketio.js @@ -86,7 +86,7 @@ function loginConnect(server,port,alias,password) { // connect to server aliasname = alias; console.log('> Attempting to connect to Empire ('+server+':'+port+')') - var socket = io.connect('https://'+server+':'+port, verify=false, {rejectUnauthorized: false}); + var socket = io.connect('https://'+server+':'+port, {rejectUnauthorized: true}); // attempt to login var data = {username : alias, password: password} @@ -334,4 +334,4 @@ function setupSockets(socket) { $('form[name="login"]').submit(function(event){ event.preventDefault(); socket = loginConnect($('#server-ip').val().toString(),$('#server-port').val().toString(),$('#alias').val(),$('#password').val()); -}); +}); \ No newline at end of file From 6bfe5eb86af56acc061b4e460d9c9af7f0ac8c0f Mon Sep 17 00:00:00 2001 From: soonnae Date: Fri, 25 Jul 2025 21:13:54 +0900 Subject: [PATCH 3/3] chore: remove CI workflow before upstream PR --- .github/workflows/pr_notify.yml | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/workflows/pr_notify.yml diff --git a/.github/workflows/pr_notify.yml b/.github/workflows/pr_notify.yml deleted file mode 100644 index 2b34036d..00000000 --- a/.github/workflows/pr_notify.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: PR Notifier - -on: - pull_request: - types: [opened, reopened, closed] - -jobs: - notify: - runs-on: ubuntu-latest - steps: - - name: Notify Discord - env: - DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} - run: | - curl -H "Content-Type: application/json" -d '{"content": "🔔 Pull Request [${{ github.event.pull_request.title }}](${{ github.event.pull_request.html_url }}) by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $DISCORD_WEBHOOK_URL - - name: Notify Slack - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - run: | - curl -H "Content-Type: application/json" -d '{"text": ":bell: Pull Request <${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}> by ${{ github.event.pull_request.user.login }} - ${{ github.event.action }}"}' $SLACK_WEBHOOK_URL