From 1901ba453bc6912aee972bf73a08fc261591c9cd Mon Sep 17 00:00:00 2001
From: "S. Dale Morrey" <86517969+devlux76@users.noreply.github.com>
Date: Tue, 18 Feb 2025 12:15:15 -0700
Subject: [PATCH 1/2] Create dependabot.yml
---
 .github/dependabot.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 .github/dependabot.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..9d866e39
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+ - package-ecosystem: "pip" # See documentation for possible values
+ directory: "/" # Location of package manifests
+ schedule:
+ interval: "weekly"
From ba45c51705fbbdf7776d28bb2d2f27daeca83f61 Mon Sep 17 00:00:00 2001
From: "S. Dale Morrey" <86517969+devlux76@users.noreply.github.com>
Date: Tue, 18 Feb 2025 12:16:44 -0700
Subject: [PATCH 2/2] Potential fix for code scanning alert no. 3: Bad HTML filtering regexp
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 requirements.txt | 3 ++-
 src/utilities/syntax_checker_functions.py | 6 ++----
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index e0e73e24..d20fc90c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -30,4 +30,5 @@ pyright==1.1.390
 ruff==0.8.2
 httpx==0.27.2
 questionary==2.1.0
-pathspec==0.12.1
\ No newline at end of file
+pathspec==0.12.1
+bleach==6.2.0
\ No newline at end of file
diff --git a/src/utilities/syntax_checker_functions.py b/src/utilities/syntax_checker_functions.py
index d6b778fc..fa44237e 100644
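Review bot: The single `updates` entry covers only the `pip` ecosystem, so any GitHub Actions workflows in the repository would keep running whatever action versions they pin today; if such workflows exist, add a second entry `- package-ecosystem: "github-actions"` with `directory: "/"` and the same weekly schedule so those pins are kept current as well. Whether the repository has workflows is not visible from this patch, so treat this as a check to make rather than a defect. The scaffold comments on the `package-ecosystem` and `directory` keys can be dropped once the values are settled.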
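Review bot: `bleach==6.2.0` pins a library whose maintainers declared the project deprecated with the 6.0 release, so this adds a new sanitizer dependency that is no longer being developed and is unlikely to receive further fixes. The only use added in this patch, in src/utilities/syntax_checker_functions.py, is to pull script text out of a document that the module already parses with `lxml` (`from lxml import etree` is visible in that file's first hunk), so an lxml-based extraction there would let this line be dropped instead of widening the dependency set. If bleach is kept anyway, the Dependabot `pip` configuration added in the first patch will at least track the pin.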
--- a/src/utilities/syntax_checker_functions.py
+++ b/src/utilities/syntax_checker_functions.py
@@ -3,6 +3,7 @@ import sass
 from lxml import etree
 import re
+import bleach
 from src.utilities.print_formatters import print_formatted
@@ -145,10 +146,7 @@ def parse_vue_basic(content):
 if template_part_response != "Valid syntax":
 return template_part_response
- try:
- script = re.search(r']*>(.*?)', content, re.DOTALL).group(1)
- except AttributeError:
- return "Script part has no valid open/closing tags."
+ script = bleach.clean(content, tags=[], strip=True)
 script_part_response = check_bracket_balance(script)
 if script_part_response != "Valid syntax":
 return script_part_response
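Review bot: `script = bleach.clean(content, tags=[], strip=True)` does not extract the script part; it strips every tag from the whole `content` (template included) and returns the remaining text, so `check_bracket_balance` now runs on the flattened text of the entire file rather than on the script body, and the `"Script part has no valid open/closing tags."` result can no longer be produced for a file without a script element. As far as bleach's documented behaviour goes it also escapes characters such as `<` and `&` to entities in the text it returns, so the script text is not passed through verbatim. This function looks like a syntax checker rather than a sanitizer, so the flagged regex was being used for extraction, not filtering; the replacement below locates the element with the `lxml` the module already imports and keeps the missing-script error path (verify it on an SFC with a `<template>` block, since libxml2's HTML parser predates that element). `parse_vue_basic` starts before this hunk and its body continues after it.
```python
    # … unchanged: template part check …
    # Locate the script element with a parser instead of a regex; bleach.clean()
    # flattens the whole file (template included) and entity-escapes its text.
    root = etree.fromstring(content, etree.HTMLParser())
    script_el = root.find(".//script") if root is not None else None
    if script_el is None:
        return "Script part has no valid open/closing tags."
    script = script_el.text or ""
    # … unchanged: bracket balance check …
```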