@dennis-bilson-port dennis-bilson-port commented Oct 24, 2025

User description

Handle bot user identifiers (which have [] in their names) which break the relationship between the pull requests and their respective users.

Updated docs pages

Please also include the path for the updated docs

  • Quickstart (/)
  • Blueprint (/build-your-software-catalog/sync-data-to-catalog/git/github-ocean/examples/)

PR Type

Enhancement, Bug fix


Description

  • Sanitize GitHub user identifiers to handle special characters

  • Replace .user.login with .creator.login in pull request mappings

  • Apply regex substitution to remove square brackets from usernames

  • Update team member and pull request reviewer identifier mappings


Diagram Walkthrough

flowchart LR
  A["GitHub User Data<br/>with special chars"] -- "Apply gsub regex<br/>sanitization" --> B["Sanitized Identifiers<br/>without brackets"]
  B --> C["Pull Request<br/>Mappings"]
  B --> D["Team Member<br/>Mappings"]

File Walkthrough

Relevant files
Bug fix
_github_exporter_example_port_app_config.mdx
Sanitize pull request user identifiers with regex               

docs/build-your-software-catalog/sync-data-to-catalog/git/github-ocean/examples/_github_exporter_example_port_app_config.mdx

  • Changed creator field from .user.login to .creator.login
  • Added regex sanitization to remove square brackets from creator,
    assignees, and reviewers
  • Applied three-step gsub pattern to handle leading brackets, middle
    brackets, and trailing brackets
+3/-3     
_github_team_member_port_app_config.mdx
Sanitize team member identifiers with regex                           

docs/build-your-software-catalog/sync-data-to-catalog/git/github-ocean/examples/example-team-members/_github_team_member_port_app_config.mdx

  • Added regex sanitization to team member login identifiers in relations
    mapping
  • Applied gsub pattern to remove square brackets from team member
    identifiers
  • Updated team member entity identifier mapping with bracket removal
    logic
+2/-2     

@dennis-bilson-port dennis-bilson-port self-assigned this Oct 24, 2025
@aws-amplify-eu-west-1

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-2944.d2ngvl90zqbob8.amplifyapp.com

@dennis-bilson-port dennis-bilson-port marked this pull request as ready for review October 28, 2025 06:50

qodo-merge-pro bot commented Oct 28, 2025

PR Compliance Guide 🔍

(Compliance updated until commit 52435ac)

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified
No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
No logging context: The added mappings and regex sanitization are configuration/docs changes with no evidence
of logging for critical actions, so audit trail compliance cannot be assessed from this
diff.

Referred Code
creator: (.user.login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; ""))
assignees: '[.assignees[].login | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'
reviewers: '[.requested_reviewers[].login | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'
Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status:
No error handling: The changes add configuration and docs with regex-based sanitization but do not show error
handling or edge-case management for missing fields or malformed inputs, which may exist
elsewhere.

Referred Code
          admins: "[.__collaborators[] | select(.is_admin == true) | .login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
- kind: user
  selector:
    query: "true"
    includeBots: "false"
  port:
    entity:
      mappings:
        identifier: .login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
        title: if (.name != "" and .name) then .name else .login end
Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status:
No user messaging: The diff is documentation and configuration without user-facing error messages, so we
cannot verify secure error handling practices from this change alone.

Referred Code
          identifier: .login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
          title: .login
          blueprint: '"githubTeamMember"'
          properties:
            name: .name

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status:
No logging shown (https://github.com/port-labs/port-docs/pull/2944/files#diff-514146aa0dc5828f39aa919406941e5b8ef13b9583d632a4d77d558b149d97a8R33-R35): The additions are mapping and sanitization rules with no logging statements, so we cannot
confirm whether sensitive data is logged or that logs are structured.

Referred Code
creator: (.user.login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; ""))
assignees: '[.assignees[].login | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'
reviewers: '[.requested_reviewers[].login | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'

Compliance status legend
🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

Previous compliance checks

Compliance check up to commit f7de3df
Security Compliance
Identifier collision risk

Description: Sanitizing by removing brackets from usernames may cause identifier collisions (e.g.,
'[bot]' vs 'bot' or different names differing only by brackets) leading to incorrect user
associations.
_github_exporter_example_port_app_config.mdx [33-35]

Referred Code
creator: .creator.login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
assignees: "[.assignees[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
reviewers: "[.requested_reviewers[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
Identifier collision risk

Description: Removing brackets from team member logins for identifiers may produce non-unique IDs
across members whose only difference is bracket placement, enabling unintended overwrites
or mis-links.
_github_team_member_port_app_config.mdx [22-32]

Referred Code
          team_member: '[.members.nodes[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'
- kind: team
  selector:
    query: 'true'
    members: true
  port:
    itemsToParse: .members.nodes
    entity:
      mappings:
        identifier: .login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
        title: .login
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
No logging context: The added mappings focus on identifier sanitization in configuration docs and do not add
or modify any audit logging for critical actions, leaving it unclear whether audit trail
requirements are met elsewhere.

Referred Code
creator: .creator.login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
assignees: "[.assignees[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
reviewers: "[.requested_reviewers[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status:
No error handling: The new regex-based sanitization in mappings lacks explicit error handling or fallbacks
for null/empty logins or unexpected formats, which may cause failures depending on the
runtime evaluator.

Referred Code
          team_member: '[.members.nodes[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'
- kind: team


qodo-merge-pro bot commented Oct 28, 2025

PR Code Suggestions ✨

Explore these optional code suggestions:

Category | Suggestion | Impact
General
Simplify complex sanitization logic

Simplify the complex three-step gsub chain for sanitizing usernames. Replace it
with a two-step chain that replaces [ with - and removes ].

docs/build-your-software-catalog/sync-data-to-catalog/git/github-ocean/examples/_github_exporter_example_port_app_config.mdx [33-35]

-creator: .creator.login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
-assignees: "[.assignees[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
-reviewers: "[.requested_reviewers[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]"
+creator: .creator.login | gsub("\\["; "-") | gsub("\\]"; "")
+assignees: "[.assignees[].login | gsub("\\["; "-") | gsub("\\]"; "")]"
+reviewers: "[.requested_reviewers[].login | gsub("\\["; "-") | gsub("\\]"; "")]"
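Review bot: the `assignees` and `reviewers` lines, in both the removed and the added form, wrap the JQ expression in double quotes while the expression itself contains unescaped double quotes (`gsub("\\["; "-")`), so the YAML scalar terminates at the first inner quote; wrap these two expressions in single quotes instead. The two-step chain is also not behaviour-preserving: a `]` that is not the last character was mapped to `-` by the removed lines and is dropped by the added ones, and in both forms `app[bot]` becomes `app-bot`, which can coincide with a login that already contains hyphens.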
  • Apply / Chat
Suggestion importance[1-10]: 6

__

Why: The suggestion correctly identifies that the three-step gsub chain is overly complex and proposes a simpler, more readable alternative that achieves the same primary goal of sanitizing bot user names like app[bot].

Low
Organization
best practice
Add line numbers to code blocks
Suggestion Impact: The YAML code block was updated to include the showLineNumbers flag.

code diff:

 ```yaml showLineNumbers

Add the showLineNumbers flag to multi-line YAML code blocks to improve
readability and align with docs standards.

docs/build-your-software-catalog/sync-data-to-catalog/git/github-ocean/examples/example-team-members/_github_team_member_port_app_config.mdx [1-36]

-```yaml
+```yaml showLineNumbers
 ...
         team_member: '[.members.nodes[].login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")]'
 ...
         identifier: .login | gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
 ...
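Review bot: in the unchanged `team_member` and `identifier` lines, the lookahead `(?=[^$])` does not mean "not at end of string": inside a character class `$` is a literal, so it matches any following character except a dollar sign. It behaves as intended only because a lookahead needs some character to be present; `\\](?=.)` would state the intent more directly. The `identifier` expression is also left as an unquoted scalar while `team_member` is single-quoted, so consider quoting both the same way.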



[To ensure code accuracy, apply this suggestion manually]

Suggestion importance[1-10]: 6

__

Why: Relevant best practice - Code examples with multiple lines should enable line numbers for clarity.

Low
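The three-step chain from the PR and the two-step chain from the code suggestion, re-implemented with Python's `re` as an added example (not the project's code; Port evaluates these mappings as JQ). It checks a set of logins for identifier collisions and for inputs where the two chains disagree; the sample logins and the helper names `three_step`, `two_step`, `find_collisions` and `diverging` are constructed for illustration.

```python
import re
from collections import defaultdict

def three_step(login: str) -> str:
    # Mirrors: gsub("\\["; "-") | gsub("\\](?=[^$])"; "-") | gsub("\\]$"; "")
    s = re.sub(r"\[", "-", login)         # every '[' becomes '-'
    s = re.sub(r"\](?=[^$])", "-", s)     # ']' followed by any char except a literal '$'
    return re.sub(r"\]$", "", s)          # a trailing ']' is dropped

def two_step(login: str) -> str:
    # Mirrors the suggested chain: gsub("\\["; "-") | gsub("\\]"; "")
    return re.sub(r"\]", "", re.sub(r"\[", "-", login))

def find_collisions(logins, sanitize):
    """Map each sanitized identifier to the distinct source logins that produce it,
    keeping only identifiers shared by more than one login."""
    groups = defaultdict(set)
    for login in logins:
        groups[sanitize(login)].add(login)
    return {ident: sorted(src) for ident, src in groups.items() if len(src) > 1}

def diverging(logins):
    """Logins for which the two chains yield different identifiers."""
    return [l for l in logins if three_step(l) != two_step(l)]

# Constructed sample logins (not taken from the page or any real organisation).
SAMPLE_LOGINS = ["example-app[bot]", "example-app-bot", "alice", "a]b"]

if __name__ == "__main__":
    for login in SAMPLE_LOGINS:
        print(f"{login!r:22} three-step={three_step(login)!r:20} two-step={two_step(login)!r}")
    print("collisions:", find_collisions(SAMPLE_LOGINS, three_step))
    print("chains disagree on:", diverging(SAMPLE_LOGINS))
```

Running `find_collisions` over the full login list before a sync shows which entities would be merged under one identifier by the mapping.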

@hadar-co hadar-co added the "awaiting dev review" label (Reviewed by technical content, awaiting review from relevant dev) Oct 30, 2025

@mk-armah mk-armah left a comment


LGTM

@hadar-co hadar-co merged commit 9136e7a into main Nov 3, 2025
5 checks passed
@hadar-co hadar-co deleted the PORT-16638-Fix-Default-Mapping-For-GitHub-Ocean branch November 3, 2025 10:02