fix(transport): add 'Parameters' to blocker-scan denylist

Inbound API scripts access request parameters via the Parameters runtime API root (Parameters.x or Parameters["x"]). The blocker heuristic was flagging it as a missing SharedScript or ExternalSystem on bundles that include ApiMethod scripts. Same surgical fix as the other entries on KnownNonReferenceNames.
2026-05-24 08:18:49 -04:00
parent 901fd58a32
commit 438f59e74e
1 changed files with 2 additions and 2 deletions
--- a/src/ScadaLink.Transport/Import/BundleImporter.cs
+++ b/src/ScadaLink.Transport/Import/BundleImporter.cs
@@ -461,8 +461,8 @@ public sealed class BundleImporter : IBundleImporter
        "Connection", "CreateCommand", "Database", "ExecuteAsync",
        "ExecuteNonQueryAsync", "ExecuteReaderAsync", "ExecuteScalarAsync",
        "ExternalSystem", "GetAsync", "GetAttribute", "Instance", "Notify",
-        "Request", "Response", "Route", "Scheduler", "Scripts", "Send",
-        "SetAsync", "SetAttribute",
+        "Parameters", "Request", "Response", "Route", "Scheduler", "Scripts",
+        "Send", "SetAsync", "SetAttribute",

        // SQL keywords commonly seen inside string literals
        "COUNT", "FROM", "GROUP", "INSERT", "JOIN", "ORDER", "SELECT",