Fix more shapes of `log-injection` #485

nahsra · 2024-12-12T19:31:57Z

This change fixes more shapes of log injection vulnerabilities, and bumps the toolkit version to guarantee safety when passing non-String types to stripAll.

sonarqubecloud · 2024-12-12T19:53:56Z

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

nahsra added 2 commits December 11, 2024 17:40

fix more log injection code shapes

0480940

fix method name and bump toolkit version

609f351

nahsra requested a review from drdavella December 12, 2024 19:32

drdavella approved these changes Dec 12, 2024

View reviewed changes

fix method name in tests, add one more test

1f9774c

nahsra enabled auto-merge (squash) December 12, 2024 19:53

nahsra merged commit 394739f into main Dec 12, 2024
8 checks passed

nahsra deleted the feature/improve-log-injection branch December 12, 2024 20:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fix more shapes of `log-injection` #485

Fix more shapes of `log-injection` #485

Uh oh!

nahsra commented Dec 12, 2024

Uh oh!

sonarqubecloud bot commented Dec 12, 2024

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Fix more shapes of log-injection #485

Fix more shapes of log-injection #485

Uh oh!

Conversation

nahsra commented Dec 12, 2024

Uh oh!

sonarqubecloud bot commented Dec 12, 2024

Quality Gate passed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Fix more shapes of `log-injection` #485

Fix more shapes of `log-injection` #485