fix CodeQL alerts 5-7

https://github.com/vogler/free-games-claimer/security/code-scanning/5 https://github.com/vogler/free-games-claimer/security/code-scanning/6 https://github.com/vogler/free-games-claimer/security/code-scanning/7
2025-05-14 00:46:37 +02:00 · 2025-05-14 00:46:37 +02:00 · a5ce5ec816
commit a5ce5ec816
parent 6aea18836d
3 changed files with 10 additions and 2 deletions
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -17,6 +17,9 @@ on:
    branches:
      - "main" # only PRs against main

+permissions:
+  contents: read
+
 jobs:
  docker:
    runs-on: ubuntu-latest
--- a/.github/workflows/sonar.yml
+++ b/.github/workflows/sonar.yml
@ -1,3 +1,5 @@
+name: Sonar
+
 on:
  # Trigger analysis when pushing in main or pull requests, and when creating a pull request.
  push:
@ -5,7 +7,10 @@ on:
      - main
  pull_request:
      types: [opened, synchronize, reopened]
-name: Sonar
+
+permissions:
+  contents: read
+
 jobs:
  sonarcloud:
    runs-on: ubuntu-latest
--- a/aliexpress.js
+++ b/aliexpress.js
@ -40,7 +40,7 @@ const auth = async (url) => {
  console.log('auth', url);
  await page.goto(url, { waitUntil: 'domcontentloaded' });
  // redirects to https://login.aliexpress.com/?return_url=https%3A%2F%2Fwww.aliexpress.com%2Fp%2Fcoin-pc-index%2Findex.html
-  await Promise.any([page.waitForURL(/.*login.aliexpress.com.*/).then(async () => {
+  await Promise.any([page.waitForURL(/.*login\.aliexpress.com.*/).then(async () => {
    // manual login
    console.error('Not logged in! Will wait for 120s for you to login...');
    // await page.waitForTimeout(120*1000);