Skip to content

DRAFT (do not merge): CI validation — remove component sync/merge engine from #731#741

Closed
wdower wants to merge 601 commits into
masterfrom
chore/731-remove-merge-engine
Closed

DRAFT (do not merge): CI validation — remove component sync/merge engine from #731#741
wdower wants to merge 601 commits into
masterfrom
chore/731-remove-merge-engine

fix: Restore #731 Gemfile.lock + drop merge tests from validator spec

7ef2830
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / SonarCloud failed Jul 12, 2026 in 2s

21 new alerts including 1 high severity security vulnerability

New alerts in code changed by this pull request

Security Alerts:

  • 1 high
  • 9 medium
  • 11 low

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 42 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

PostgreSQL database passwords should not be disclosed High

Make sure this PostgreSQL password gets changed and removed from the code. See more on SonarQube Cloud

Check warning on line 44 in app/javascript/components/shared/FilterGroup.vue

See this annotation in the file changed.

Code scanning / SonarCloud

Pseudorandom number generators (PRNGs) should not be used in security contexts Medium

Make sure that using this pseudorandom number generator is safe here. See more on SonarQube Cloud

Check warning on line 36 in app/javascript/components/shared/UserBadge.vue

See this annotation in the file changed.

Code scanning / SonarCloud

Pseudorandom number generators (PRNGs) should not be used in security contexts Medium

Make sure that using this pseudorandom number generator is safe here. See more on SonarQube Cloud

Check warning on line 5285 in doc/openapi.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 5450 in doc/openapi.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 49 in doc/openapi/paths/users_admin_create.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 34 in doc/openapi/paths/users_{userId}_set_password.yaml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium documentation

"password" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 24 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium

"PASSWORD" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check warning on line 42 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium

Review this hard-coded URL, which may contain a credential. See more on SonarQube Cloud

Check warning on line 44 in docker-compose.schemathesis.yml

See this annotation in the file changed.

Code scanning / SonarCloud

Credentials should not be hard-coded Medium

"PASSWORD" detected here, make sure this is not a hard-coded credential. See more on SonarQube Cloud

Check notice on line 97 in spec/requests/personal_access_tokens_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 89 in spec/requests/personal_access_tokens_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 102 in spec/requests/api_token_auth_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 183 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 182 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 177 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 176 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 171 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 166 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 112 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud

Check notice on line 112 in spec/models/personal_access_token_spec.rb

See this annotation in the file changed.

Code scanning / SonarCloud

IP addresses should not be hardcoded Low test

Make sure using this hardcoded IP address is safe here. See more on SonarQube Cloud