fix: Remove unnecessary async keywords from synchronous functions#20
Merged
Conversation
- Fixed 62 SonarCloud code smell issues where functions were marked async but didn't use any async features - Removed async keyword from functions that perform only synchronous operations - Updated corresponding await calls to regular function calls - Improves code clarity and prevents confusion about function behavior This addresses SonarCloud's 'Use asynchronous features in this function or remove the async keyword' warnings
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| Script to fix async/await issues reported by SonarCloud | ||
| Removes async keyword from functions that don't use async features | ||
| """ | ||
| import re |
Check notice
Code scanning / CodeQL
Unused import Note
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 9 months ago
To fix this problem, the best approach is to remove the unused import statement for the re module from fix_async_issues.py. Specifically, you should delete line 6 (import re), leaving other import statements unchanged. This will clean up the code, reduce unnecessary dependencies, and improve readability with no impact on functionality.
Suggested changeset
1
fix_async_issues.py
| @@ -3,7 +3,6 @@ | ||
| Script to fix async/await issues reported by SonarCloud | ||
| Removes async keyword from functions that don't use async features | ||
| """ | ||
| import re | ||
| import os | ||
| from pathlib import Path | ||
|
|
Copilot is powered by AI and may make mistakes. Always verify output.
| Removes async keyword from functions that don't use async features | ||
| """ | ||
| import re | ||
| import os |
Check notice
Code scanning / CodeQL
Unused import Note
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 9 months ago
To fix the Unused import problem, you should remove the import os statement from line 7 of fix_async_issues.py. This will clean up the code by eliminating an unnecessary dependency, making the codebase easier to read and maintain. This is a one-line edit to the imports section at the top of the file.
Suggested changeset
1
fix_async_issues.py
| @@ -4,7 +4,6 @@ | ||
| Removes async keyword from functions that don't use async features | ||
| """ | ||
| import re | ||
| import os | ||
| from pathlib import Path | ||
|
|
||
| # Files with async issues based on SonarCloud report |
Copilot is powered by AI and may make mistakes. Always verify output.
4 tasks
remyluslosius
added a commit
that referenced
this pull request
Sep 7, 2025
…lnerabilities ## Critical Security Fixes ### Fixed GitHub Security Alert #20 - **Alert Type**: py/clear-text-logging-sensitive-data (CWE-312, CWE-359, CWE-532) - **Severity**: HIGH - **Root Cause**: SSH usernames and authentication details logged in clear text ### Authentication Data Redaction - ✅ host_monitor.py:346 - SSH connectivity logging with username exposure - ✅ scap_scanner.py:116 - SSH connection testing with username exposure - ✅ error_classification.py:652 - Pre-flight validation with username exposure - ✅ auth_service.py:355 - Legacy credential resolution with username exposure - ✅ mfa_service.py:229,301,305 - MFA operations with username exposure - ✅ session_migration_service.py:108 - Session migration with username exposure ### Critical Hardcoded Credential Fix - ✅ terminal_service.py:208-211 - Removed hardcoded passwords from source code - ✅ Migrated test credentials to environment variables for secure storage - ✅ Enhanced logging security for credential usage ### Security Impact Mitigated - **Information Disclosure**: Usernames no longer exposed in application logs - **Social Engineering Protection**: Real usernames redacted from audit trails - **Compliance Enhancement**: Authentication details properly sanitized - **Credential Protection**: Hardcoded passwords eliminated from codebase ## Code Changes Applied - All sensitive authentication data replaced with `***REDACTED***` in logs - Environment variable integration for test credentials - Import statement additions where required - Comprehensive logging security review completed ## Verification - GitHub CodeQL security alert #20 should now be resolved - Log files will no longer contain clear-text usernames or credentials - Test environment credentials secured through proper configuration management 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR addresses 62 SonarCloud code smell issues where functions were marked as async but didn't use any asynchronous features.
Changes
Files Modified
Testing
This addresses SonarCloud's 'Use asynchronous features in this function or remove the async keyword' warnings.