@@ -46,17 +46,22 @@ jobs:
4646 exit 0
4747 fi
4848
49- # Severity breakdown - single-line output with \n escapes for JSON safety
49+ # Severity breakdown - real newlines so jq --arg in the payload
50+ # builder encodes them as proper \n in JSON (Slack renders as breaks).
5051 BY_SEV=$(jq -r '
5152 group_by(.security_advisory.severity)
5253 | map({sev: .[0].security_advisory.severity,
5354 count: length,
5455 weight: ({"critical":0,"high":1,"medium":2,"low":3}[.[0].security_advisory.severity])})
5556 | sort_by(.weight)
5657 | map("• *\(.count)* \(.sev)")
57- | join("\\ n")
58+ | join("\n")
5859 ' open.json)
59- echo "by_severity=$BY_SEV" >> "$GITHUB_OUTPUT"
60+ {
61+ echo "by_severity<<EOF"
62+ echo "$BY_SEV"
63+ echo "EOF"
64+ } >> "$GITHUB_OUTPUT"
6065
6166 # Actions: alerts with <7d to TTR (P0=7d, P1=30d, P2=90d, P3=no deadline)
6267 # Grouped by (package, severity); shows earliest deadline per group.
@@ -78,10 +83,14 @@ jobs:
7883 (if .count > 1 then " ×\(.count)" else "" end) + " - " +
7984 (if .min_remaining < 0 then "*OVERDUE* by \(-.min_remaining)d"
8085 else "\(.min_remaining)d remaining" end)
81- ) | join("\\ n"))
86+ ) | join("\n"))
8287 end
8388 ' open.json)
84- echo "actions=$ACTIONS" >> "$GITHUB_OUTPUT"
89+ {
90+ echo "actions<<EOF"
91+ echo "$ACTIONS"
92+ echo "EOF"
93+ } >> "$GITHUB_OUTPUT"
8594
8695name : Fetch open dependabot PRs
8796 id : prs
@@ -97,10 +106,14 @@ jobs:
97106 fi
98107 LIST=$(echo "$PR_JSON" | jq -r --arg url "$REPO_URL" '
99108 if length == 0 then "_None_"
100- else (map("• <\($url)/pull/\(.number)|#\(.number)> \(.title)") | join("\\ n"))
109+ else (map("• <\($url)/pull/\(.number)|#\(.number)> \(.title)") | join("\n"))
101110 end
102111 ')
103- echo "list=$LIST" >> "$GITHUB_OUTPUT"
112+ {
113+ echo "list<<EOF"
114+ echo "$LIST"
115+ echo "EOF"
116+ } >> "$GITHUB_OUTPUT"
104117
105118name : Find latest npm dependabot run
106119 id : latest
@@ -125,19 +138,31 @@ jobs:
125138 echo "section=" >> "$GITHUB_OUTPUT"
126139 exit 0
127140 fi
128- HEADER="\\n\\ n*Couldn't auto-fix (need manual \ `pnpm.overrides\ `):*\\n"
141+ HEADER=$'\n\ n*Couldn\ 't auto-fix (need manual `pnpm.overrides`):*\n'
129142 if [ -z "$RUN_ID" ]; then
130- echo "section=${HEADER}_(no recent npm run found)_" >> "$GITHUB_OUTPUT"
143+ {
144+ echo "section<<EOF"
145+ echo "${HEADER}_(no recent npm run found)_"
146+ echo "EOF"
147+ } >> "$GITHUB_OUTPUT"
131148 exit 0
132149 fi
133150 gh run view "$RUN_ID" --repo "$REPO" --log > log.txt 2>&1 || true
134151 STUCK=$(grep -oE "No update possible for [^[:space:]]+ [0-9][^[:space:]]*" log.txt | sed 's/No update possible for //' | sort -u || true)
135152 if [ -z "$STUCK" ]; then
136- echo "section=${HEADER}_None_" >> "$GITHUB_OUTPUT"
153+ {
154+ echo "section<<EOF"
155+ echo "${HEADER}_None_"
156+ echo "EOF"
157+ } >> "$GITHUB_OUTPUT"
137158 exit 0
138159 fi
139- LIST=$(echo "$STUCK" | awk 'NR>1{printf "\\n"} {printf "• *%s* %s", $1, $2}')
140- echo "section=${HEADER}${LIST}" >> "$GITHUB_OUTPUT"
160+ LIST=$(echo "$STUCK" | awk 'NR>1{printf "\n"} {printf "• *%s* %s", $1, $2}')
161+ {
162+ echo "section<<EOF"
163+ echo "${HEADER}${LIST}"
164+ echo "EOF"
165+ } >> "$GITHUB_OUTPUT"
141166
142167name : Build Slack payload
143168 env :
0 commit comments