Skip to content

feat: CDN-first download for unauthenticated github.com virtual files #322

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Copilot wants to merge 4 commits into from

fix: use Optional[bytes] and case-insensitive host comparison per cod…

b3a6fd9
Select commit
Loading
Failed to load commit list.
Closed

feat: CDN-first download for unauthenticated github.com virtual files #322

fix: use Optional[bytes] and case-insensitive host comparison per cod…
b3a6fd9
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Mar 16, 2026 in 1s

3 new alerts including 3 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 3 high

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 1294 in tests/test_github_downloader.py

See this annotation in the file changed.

Code scanning / CodeQL

Incomplete URL substring sanitization High test

The string
raw.githubusercontent.com
Loading
may be at an arbitrary position in the sanitized URL.

Check failure on line 1317 in tests/test_github_downloader.py

See this annotation in the file changed.

Code scanning / CodeQL

Incomplete URL substring sanitization High test

The string
api.github.com
Loading
may be at an arbitrary position in the sanitized URL.

Check failure on line 1340 in tests/test_github_downloader.py

See this annotation in the file changed.

Code scanning / CodeQL

Incomplete URL substring sanitization High test

The string
github.mycompany.com
Loading
may be at an arbitrary position in the sanitized URL.