Merge pull request #18 from meleksabit/stage

meleksabit · web-flow · commit cf5a5d0d82cd · 2025-05-17T00:00:43.000+03:00
security: patch security issues
diff --git a/.github/workflows/pr-title-linter.yml b/.github/workflows/pr-title-linter.yml
@@ -1,5 +1,7 @@
 name: PR Title Check
-
+permissions:
+  contents: read
+  pull-requests: write
 on:
   pull_request:
     types: [opened, edited]
diff --git a/ai-agent/ai_agent.py b/ai-agent/ai_agent.py
@@ -103,7 +103,7 @@ async def health_check():
         raise e
     except Exception as e:
         logger.error(f"Health check failed: {e}")
-        return {"status": "unhealthy", "error": str(e)}
+        return {"status": "unhealthy", "error": "Health check failed due to an internal error"}
 
 # Vault client setup
 @lru_cache(maxsize=1)
@@ -251,3 +251,4 @@ async def poll_blockchain(web3):
 if __name__ == "__main__":
     import uvicorn
     uvicorn.run(app, host="0.0.0.0", port=8000)
+    
diff --git a/go-services/blockchain-monitor/main.go b/go-services/blockchain-monitor/main.go
@@ -4,7 +4,9 @@ import (
     "context"
     "fmt"
     "log"
+    "math"
     "math/big"
+    "errors"
     "net/http"
     "os"
     "strconv"
@@ -150,6 +152,9 @@ func (s *BlockchainService) GetLatestBlock(ctx context.Context) (uint64, error)
 }
 
 func (s *BlockchainService) GetTransactionCount(ctx context.Context, blockNumber uint64) (uint, error) {
+    if blockNumber > uint64(math.MaxInt64) {
+        return 0, errors.New("block number exceeds maximum int64 value")
+    }
     block, err := s.client.BlockByNumber(ctx, big.NewInt(int64(blockNumber)))
     if err != nil {
         return 0, err
