fix: add allowlist normalization and validation in permissions repair process

2026-02-18 06:31:13 +00:00
parent a7e081da0b
commit 24509dc84f
9 changed files with 323 additions and 671 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -168,6 +168,14 @@ repos:
        verbose: true
        stages: [manual]  # Only runs after CodeQL scans

+      - id: codeql-parity-check
+        name: CodeQL Suite/Trigger Parity Guard (Manual)
+        entry: scripts/ci/check-codeql-parity.sh
+        language: script
+        pass_filenames: false
+        verbose: true
+        stages: [manual]
+
      - id: gorm-security-scan
        name: GORM Security Scanner (Manual)
        entry: scripts/pre-commit-hooks/gorm-security-check.sh