Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API pour les événements #2031

Merged
merged 3 commits into from
Jun 17, 2024
Merged

API pour les événements #2031

merged 3 commits into from
Jun 17, 2024

Conversation

arnaudlevy
Copy link
Member

No description provided.

@arnaudlevy arnaudlevy merged commit 4859a74 into main Jun 17, 2024
3 of 4 checks passed
@arnaudlevy arnaudlevy deleted the api-events branch June 17, 2024 19:19
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 17, 2024
View reviewed changes
app/controllers/api/osuny/communication/websites/events_controller.rb
@@ -0,0 +1,13 @@
class Api::Osuny::Communication::Websites::EventsController < Api::Osuny::Communication::Websites::ApplicationController
skip_before_action :verify_authenticity_token, only: :import

Check failure

Code scanning / CodeQL

CSRF protection weakened or disabled High

Potential CSRF vulnerability due to forgery protection being disabled or weakened.
app/services/importers/api/osuny/communication/website/agenda/event.rb
return if image.blank?
# Not twice
return if object.featured_image.attached?
io = URI.open(image)

Check warning

Code scanning / CodeQL

Use of `Kernel.open` or `IO.read` or similar sinks with a non-constant value Medium

Call to URI.open with a non-constant value. Consider replacing it with URI().open.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SebouChu SebouChu Awaiting requested review from SebouChu SebouChu is a code owner

@pabois pabois Awaiting requested review from pabois pabois is a code owner

@alexisben alexisben Awaiting requested review from alexisben alexisben is a code owner

@Olivia206 Olivia206 Awaiting requested review from Olivia206 Olivia206 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@arnaudlevy