From 0b9a513a5469da9bbe25a5e41887d7cc25aabdfc Mon Sep 17 00:00:00 2001
From: "aikido-autofix[bot]"
 <119856028+aikido-autofix[bot]@users.noreply.github.com>
Date: Wed, 26 Mar 2025 13:40:54 +0000
Subject: [PATCH] fix(security): autofix NoSQL injection attack possible

---
 app/data/contributions-dao.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/data/contributions-dao.js b/app/data/contributions-dao.js
index 00041dac60..13f264f54f 100644
--- a/app/data/contributions-dao.js
+++ b/app/data/contributions-dao.js
@@ -55,7 +55,7 @@ function ContributionsDAO(db) {
 
     this.getByUserId = (userId, callback) => {
         contributionsDB.findOne({
-                userId: userId
+                userId: String(userId)
             },
             (err, contributions) => {
                 if (err) return callback(err, null);
@@ -83,4 +83,4 @@ function ContributionsDAO(db) {
     };
 }
 
-module.exports = { ContributionsDAO };
+module.exports = { ContributionsDAO };