| From: | Dave Page <dpage(at)pgadmin(dot)org> |
|---|---|
| To: | Khushboo Vashi <khushboo(dot)vashi(at)enterprisedb(dot)com> |
| Cc: | pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: [pgAdmin4][Patch]: SonarQube Vulnerabilities |
| Date: | 2022-09-14 12:35:19 |
| Message-ID: | CA+OCxozk8=FunZp6fkfUaDT3+S5+K+1jT2OvY0mEG_o-6Lc_Bg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
Hi
On Wed, 14 Sept 2022 at 05:38, Khushboo Vashi <
khushboo(dot)vashi(at)enterprisedb(dot)com> wrote:
> Hi,
>
> I have tried to fix the vulnerabilities reported by SonarQube but it
> didn't work. So I added the verification of region_id (user defined input)
> as discussed in yesterday's meeting and am going to close these issues.
>
I've cleared the first two issues on SonarQube as it doesn't detect the
validation. However, we also need to validate the volume type specified in
the third.
--
Dave Page
Blog: https://pgsnake.blogspot.com
Twitter: @pgsnake
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2022-09-14 14:12:29 | Re: HEADS-UP: Redmine -> Github issue migration |
| Previous Message | Akshay Joshi | 2022-09-14 10:07:30 | Re: [pgAdmin 4][Patch]: #7314 - psycopg2 to psycopg3 migration |