DRAFT (do not merge): CI validation — remove component sync/merge engine from #731#741
DRAFT (do not merge): CI validation — remove component sync/merge engine from #731#741wdower wants to merge 601 commits into
21 new alerts including 1 high severity security vulnerability
New alerts in code changed by this pull request
Security Alerts:
- 1 high
- 9 medium
- 11 low
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check failure on line 42 in docker-compose.schemathesis.yml
Code scanning / SonarCloud
PostgreSQL database passwords should not be disclosed High
Check warning on line 44 in app/javascript/components/shared/FilterGroup.vue
Code scanning / SonarCloud
Pseudorandom number generators (PRNGs) should not be used in security contexts Medium
Check warning on line 36 in app/javascript/components/shared/UserBadge.vue
Code scanning / SonarCloud
Pseudorandom number generators (PRNGs) should not be used in security contexts Medium
Check warning on line 5285 in doc/openapi.yaml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium documentation
Check warning on line 5450 in doc/openapi.yaml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium documentation
Check warning on line 49 in doc/openapi/paths/users_admin_create.yaml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium documentation
Check warning on line 34 in doc/openapi/paths/users_{userId}_set_password.yaml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium documentation
Check warning on line 24 in docker-compose.schemathesis.yml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium
Check warning on line 42 in docker-compose.schemathesis.yml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium
Check warning on line 44 in docker-compose.schemathesis.yml
Code scanning / SonarCloud
Credentials should not be hard-coded Medium
Check notice on line 97 in spec/requests/personal_access_tokens_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 89 in spec/requests/personal_access_tokens_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 102 in spec/requests/api_token_auth_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 183 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 182 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 177 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 176 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 171 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 166 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 112 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test
Check notice on line 112 in spec/models/personal_access_token_spec.rb
Code scanning / SonarCloud
IP addresses should not be hardcoded Low test