Skip to content

Addresses CodeQL issues #3000

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
gingi wants to merge 1 commit into
base: main
Choose a base branch
from
+8 −8
Open

Addresses CodeQL issues #3000

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CodeQL.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
path_classifiers:
generated:
- "web/lib-umd/*.js"
8 changes: 3 additions & 5 deletions desktop/scripts/publish/publish.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,6 @@ import {
createIssue, createPullRequest, getMilestone, githubToken, listMilestoneIssues, listPullRequests,
} from "./github-api";

const MAIN_BRANCH = "main";

const root = path.resolve(path.join(__dirname, "../../.."));
const allMessages: string[] = [];
const repoName = "Azure/BatchExplorer";
Expand All @@ -34,7 +32,7 @@ function success(message: string) {

async function run(command: string): Promise<{ stdout: string, stderr: string }> {
return new Promise<{ stdout: string, stderr: string }>((resolve, reject) => {
exec(command, { maxBuffer: 100_000_000 }, (error, stdout, stderr) => {
exec(command, { maxBuffer: 100_000_000 }, (error, stdout, stderr) => { // CodeQL [SM01509] This is a dev tool, not used in production or by customers.
if (error) {
reject(error);
return;
Expand All @@ -57,9 +55,9 @@ function checkGithubToken() {
* This goes back to the main branch and pulls the latest
*/
async function gotoMainBranch() {
await run(`git checkout ${MAIN_BRANCH}`);
await run(`git checkout main`);
await run("git pull");
success(`Checkout to ${MAIN_BRANCH} branch and pulled latest`);
success(`Checkout to main branch and pulled latest`);
}

async function loadMilestone(milestoneId: number) {
Expand Down
2 changes: 1 addition & 1 deletion desktop/src/app/services/azure-batch/certificate/certificate.service.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -210,7 +210,7 @@ export class CertificateService {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore start is not in the @types/node-forge
md.start();
md.update(certDer);
md.update(certDer); // CodeQL [SM01510] Used only to generate identification thumbprint, not for security purposes
const digest = md.digest();
return digest.toHex();
}
Expand Down
2 changes: 1 addition & 1 deletion desktop/src/app/utils/storage-utils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ export class StorageUtils {
private static async _getJobIdHash(jobId: string): Promise<string> {
const jobIdBytes = new TextEncoder().encode(jobId);

const hash = await crypto.subtle.digest("SHA-1", jobIdBytes);
const hash = await crypto.subtle.digest("SHA-1", jobIdBytes); // CodeQL [SM04514] SHA-1 is only used for generating unique identifiers, not for security purposes
return this._hex(hash);
}

Expand Down
1 change: 0 additions & 1 deletion desktop/src/client/main-window/main-window.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,6 @@ export class MainWindow extends GenericWindow {
show: false, // Don't show the window until it is ready
titleBarStyle: process.platform === "darwin" ? "hidden" : "default",
webPreferences: {
webSecurity: false,
allowRunningInsecureContent: false,
nodeIntegration: true,
contextIsolation: false,
Expand Down