Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test: use codeql compatible token / passwords #11297

Merged
merged 5 commits into from Sep 9, 2021
Merged

Conversation

@viceice
Copy link
Collaborator

@viceice viceice commented Aug 17, 2021

Changes:

Replace dummy passwords / token with codeql compatible values, so we don't get false positives

Context:

https://github.com/github/codeql/blob/221a25993854d41ea455e91e146fe5ea0e8bd0ff/javascript/ql/src/semmle/javascript/security/SensitiveActions.qll#L183

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please tick one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests but ran on a real repository, or
  • Both unit tests + ran on a real repository
@viceice viceice requested a review from rarkins Aug 17, 2021
@viceice viceice requested a review from JamieMagee as a code owner Aug 17, 2021
@rarkins
Copy link
Collaborator

@rarkins rarkins commented Aug 17, 2021

Any easy way to confirm that it's worked? Not sure if CodeQL give us that detail after I have dismissed them previously

@viceice
Copy link
Collaborator Author

@viceice viceice commented Aug 17, 2021

Any easy way to confirm that it's worked? Not sure if CodeQL give us that detail after I have dismissed them previously

No, but i see new issues in pr checks, so i can at least fix those

@viceice
Copy link
Collaborator Author

@viceice viceice commented Aug 17, 2021

Looks like special chars are not allowed for codeql 😕

@viceice viceice marked this pull request as draft Aug 17, 2021
@viceice viceice marked this pull request as ready for review Sep 9, 2021
@viceice
Copy link
Collaborator Author

@viceice viceice commented Sep 9, 2021

Now ready to review

rarkins
rarkins approved these changes Sep 9, 2021
@viceice viceice merged commit 11aa3ba into main Sep 9, 2021
8 checks passed
@viceice viceice deleted the test/auth-token-codeql branch Sep 9, 2021
@renovate-release
Copy link
Collaborator

@renovate-release renovate-release commented Sep 9, 2021

🎉 This PR is included in version 27.3.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 10, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants