Skip to content

feat: triage workspace + PAT auth + upgrade infrastructure + seed dataset + OpenAPI hardening#731

Open
aaronlippold wants to merge 633 commits into
masterfrom
feat/comment-triage-context-panel
Open

feat: triage workspace + PAT auth + upgrade infrastructure + seed dataset + OpenAPI hardening#731
aaronlippold wants to merge 633 commits into
masterfrom
feat/comment-triage-context-panel

feat: Ask What are you authoring? at component creation

c97b5ae
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / SonarCloud failed Jul 14, 2026 in 4s

21 new alerts including 1 high severity security vulnerability

New alerts in code changed by this pull request

Security Alerts:

  • 1 high
  • 9 medium
  • 11 low

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 42 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

PostgreSQL database passwords should not be disclosed High

Make sure this PostgreSQL password gets changed and removed from the code. See more on SonarQube Cloud

Check warning on line 44 in app/javascript/components/shared/FilterGroup.vue

See this annotation in the file changed.

Code scanning / SonarCloud

Pseudorandom number generators (PRNGs) should not be used in security contexts Medium

Make sure that using this pseudorandom number generator is safe here. See more on SonarQube Cloud

Check warning on line 36 in app/javascript/components/shared/UserBadge.vue

See this annotation in the file changed.

Code scanning / SonarCloud

Pseudorandom number generators (PRNGs) should not be used in security contexts Medium

Make sure that using this pseudorandom number generator is safe here. See more on SonarQube Cloud

Check warning on line 5291 in doc/openapi.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 5456 in doc/openapi.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 49 in doc/openapi/paths/users_admin_create.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 34 in doc/openapi/paths/users_{userId}_set_password.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 24 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium

"PASSWORD" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 42 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium

Review this hard-coded URL, which may contain a credential. See more on SonarQube Cloud

Check warning on line 44 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium

"PASSWORD" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check notice on line 97 in spec/requests/personal_access_tokens_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 89 in spec/requests/personal_access_tokens_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 102 in spec/requests/api_token_auth_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 185 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 184 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 179 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 178 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 173 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 168 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 112 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 112 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud