XSS via block settings

@larowlan

Was this ever solved to your satisfaction? I know the the second half of your input never was committed.

@sujan shrestha is currently applying for the permission to opt projects into security coverage #3411986: [1.1.x] Google Analytics GA4 → which would appear to make how they handle security issues a relevant discussion.

IF this was the fix, then no - that's not correct https://git.drupalcode.org/project/tui_image_editor/-/commit/a6b20c7679b...

And also, setting the issue to closed (Fixed) means I can't reopen it, fixed is the correct status. automation will set it to closed fixed after two weeks

Hi @larowlan I wasn't aware that automation would set it to closed fixed after two weeks. In the past, I manually closed issues as fixed after testing the module. Now that I understand the automated process, I'll make sure to align with it moving forward. Thank you for clarifying!

I have incorporated the check_markup into the build function. Please review it at https://git.drupalcode.org/project/tui_image_editor/-/blob/1.0.x/src/Plu....

In the past, I wasn't aware of branch naming conventions for module versions and the proper merge process after fixing issues. Consequently, I used to add fixed codes from contributors to my new branch and push it, and proceed. Now, I'm delving deeper into the process, learning the process from my mistakes and rectifying branch naming, descriptions, and addressing previous mistakes. I still appreciate guidance as it will encourage and motivate me to contribute to new modules and address the issues.Thank you.

Use of check markup looks good now 👍 nice one

Hi @larowlan Thank you for providing feedback and corrections. I'm glad to hear that the use of check markup looks good now.

Automatically closed - issue fixed for 2 weeks with no activity.