fix(security): sanitize logs, redact secrets, harden XML parsing

Address actionable CodeQL security-extended findings and extend the same redaction to the debug JSONL logger
2026-06-11 11:42:06 +00:00 · 2026-06-09 19:08:41 -06:00
parent 2d43c2601e
commit 7064d261c2
11 changed files with 123 additions and 46 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -67,6 +67,7 @@ dependencies = [
    "animeapi-py>=0.6.0",
    "rnet>=2.4.2",
    "bandit>=1.9.4",
+    "defusedxml>=0.7.1",
 ]

 [project.urls]