From c1cf8ed4b3c159ee25283a7251743b26c544d7ff Mon Sep 17 00:00:00 2001
From: Timeraider <57343973+GitTimeraider@users.noreply.github.com>
Date: Mon, 6 Oct 2025 10:10:27 +0200
Subject: [PATCH 1/2] Build fixes
---
 .github/workflows/docker-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 6f6510c..ffcfb59 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -46,7 +46,7 @@ jobs:
 type=semver,pattern={{version}}
 type=semver,pattern={{major}}.{{minor}}
 type=semver,pattern={{major}}
- type=sha,prefix={{branch}}-
+ type=sha,prefix={{branch}}-,enable=${{ github.event_name == 'push' }}
 type=raw,value=latest,enable={{is_default_branch}}
 - name: Build and push Docker image
From 91bef734d4499ca8b9f80372115796b750d8bed7 Mon Sep 17 00:00:00 2001
From: Timeraider <57343973+GitTimeraider@users.noreply.github.com>
Date: Mon, 6 Oct 2025 10:12:04 +0200
Subject: [PATCH 2/2] Potential fix for code scanning alert no. 23: Information exposure through an exception
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 app/settings.py | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/app/settings.py b/app/settings.py
index 45c3332..e164421 100644
--- a/app/settings.py
+++ b/app/settings.py
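Review bot: In .github/workflows/docker-publish.yml, the new `enable=${{ github.event_name == 'push' }}` on the `type=sha` rule still lets tag pushes through. A tag push is also a `push` event, and `{{branch}}` is empty for a tag ref, so the prefix collapses to `-` and the generated tag would begin with a dash, which is not a valid image tag. The `type=semver` rules above suggest this workflow does run on tags, though the trigger block is outside the hunk. Gating on the ref type instead, `type=sha,prefix={{branch}}-,enable=${{ github.ref_type == 'branch' }}`, limits the rule to refs where `{{branch}}` has a value.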
@@ -138,9 +138,20 @@ def test_connection():
 user_message = "Connection test failed. Please check your details and try again or contact support."
 return jsonify({'success': False, 'message': user_message})
+ # Only allow pre-approved success messages to be sent back to the user
+ allowed_success_prefixes = [
+ "Successfully connected",
+ "Connected, but domain",
+ "Connected, but domain",
+ ]
+ user_message = "Successfully connected to DirectAdmin."
+ for prefix in allowed_success_prefixes:
+ if message.startswith(prefix):
+ user_message = message
+ break
 result = {
- 'success': success,
- 'message': message
+ 'success': True,
+ 'message': user_message
 }
 print(f"Sending response: {result}")
 return jsonify(result)
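Review bot: The prefix check in the added loop constrains only how `message` starts, so `user_message = message` still returns the whole string. Anything appended after "Connected, but domain" (an exception string, for instance) reaches the client and the `print`, which is the exposure the alert describes. Returning a fixed string per recognised prefix closes that, and the duplicated "Connected, but domain" entry can be dropped at the same time. Separately, `'success': True` is now hard-coded, which is correct only if every failure path has already returned; test_connection starts outside the hunk, so that needs confirming.

```python
# Fixed, user-safe text per recognised outcome; nothing from `message` is echoed back.
# The wording of the second entry is a placeholder; adjust to the product's copy.
safe_success_messages = {
    "Successfully connected": "Successfully connected to DirectAdmin.",
    "Connected, but domain": "Connected, but the domain check needs attention.",
}
user_message = "Successfully connected to DirectAdmin."
for prefix, safe_text in safe_success_messages.items():
    if message.startswith(prefix):
        user_message = safe_text
        break
# … unchanged: result dict, print, return jsonify(result) …
```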