mirror of
https://github.com/crewAIInc/crewAI.git
synced 2026-07-02 13:48:09 +00:00
CodeQL flagged the `"test.openai.azure.com" in llm.endpoint` substring check as incomplete URL sanitization — the substring could match in an arbitrary position. Parse the URL and assert against `urlparse(...).hostname` instead, which is the precise check we want.