From 004ca5d5cc7a2c35bdc63654095e3aad99892c84 Mon Sep 17 00:00:00 2001
From: Devasy Patel <110348311+Devasy23@users.noreply.github.com>
Date: Wed, 18 Sep 2024 21:33:45 +0530
Subject: [PATCH 1/4] Fix code scanning alert #78: Log Injection
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 API/route.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/API/route.py b/API/route.py
index e4c9dd3..09ce968 100644
--- a/API/route.py
+++ b/API/route.py
@@ -392,7 +392,8 @@ async def delete_employees(EmployeeCode: int):
 """
 logging.info('Deleting Employee')
- logging.debug(f"Deleting for EmployeeCode: {EmployeeCode}")
+ sanitized_employee_code = re.sub(r'\D', '', str(EmployeeCode))
+ logging.debug(f"Deleting for EmployeeCode: {sanitized_employee_code}")
 client2.find_one_and_delete(collection2, {'EmployeeCode': EmployeeCode})
 return {'Message': 'Successfully Deleted'}
From f5c954ed80178f65aef8a14df08383a9ab2f1f18 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Wed, 18 Sep 2024 16:06:40 +0000
Subject: [PATCH 2/4] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci
---
 requirements.txt | Bin 6810 -> 6811 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index e1d8dd723b0a2692dbccc08fce900a3881006862..b7f084412b8bf949ee6d03a3ec5a05fee2975267 100644
GIT binary patch delta 12 TcmbPbI@@%kQiT*F*90X19HIll delta 11 ScmbPjI?Hr&rIgZ!3Ml{@*90m6
From 08af9a56f1f0095eb2ccee346c71619d40f491c8 Mon Sep 17 00:00:00 2001
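Review bot: In the [PATCH 1/4] hunk of API/route.py, the added `re.sub(...)` line depends on `re`, and this patch changes only these lines of the file, so unless the module already imports `re` elsewhere the endpoint would raise NameError before the delete runs. The signature already declares `EmployeeCode: int`, so (assuming the framework enforces that annotation at the route boundary) the value cannot carry CR/LF in the first place. Meanwhile `\D` also strips a minus sign, so the logged code can differ from the one actually passed to `find_one_and_delete`, which weakens the audit trail. I would drop the regex and log the integer directly with lazy formatting: `logging.debug("Deleting for EmployeeCode: %d", EmployeeCode)`. The body of `delete_employees` starts above the hunk.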
From: Devasy Patel <110348311+Devasy23@users.noreply.github.com>
Date: Wed, 18 Sep 2024 21:37:06 +0530
Subject: [PATCH 3/4] Apply code scanning fix for log injection
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 API/route.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/API/route.py b/API/route.py
index 09ce968..b96e416 100644
--- a/API/route.py
+++ b/API/route.py
@@ -392,7 +392,7 @@ async def delete_employees(EmployeeCode: int):
 """
 logging.info('Deleting Employee')
- sanitized_employee_code = re.sub(r'\D', '', str(EmployeeCode))
+ sanitized_employee_code = re.sub(r'\D', '', str(EmployeeCode)).replace('\n', '').replace('\r', '')
 logging.debug(f"Deleting for EmployeeCode: {sanitized_employee_code}")
 client2.find_one_and_delete(collection2, {'EmployeeCode': EmployeeCode})
From 9fa0c9eaff80268485867eec2ea40c01dcc4561e Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Wed, 18 Sep 2024 16:10:51 +0000
Subject: [PATCH 4/4] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci
---
 API/route.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/API/route.py b/API/route.py
index b96e416..56aa06a 100644
--- a/API/route.py
+++ b/API/route.py
@@ -392,7 +392,8 @@ async def delete_employees(EmployeeCode: int):
 """
 logging.info('Deleting Employee')
- sanitized_employee_code = re.sub(r'\D', '', str(EmployeeCode)).replace('\n', '').replace('\r', '')
+ sanitized_employee_code = re.sub(r'\D', '', str(
+ EmployeeCode)).replace('\n', '').replace('\r', '')
 logging.debug(f"Deleting for EmployeeCode: {sanitized_employee_code}")
 client2.find_one_and_delete(collection2, {'EmployeeCode': EmployeeCode})
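Review bot: The `.replace('\n', '').replace('\r', '')` chain added in the [PATCH 3/4] hunk can never match, because `re.sub(r'\D', '', ...)` has already removed every non-digit character, CR and LF included; [PATCH 4/4] only re-wraps the same expression. The extra calls read as a second layer of log-injection defence that is not actually there, which can mislead a later reviewer about where the neutralisation happens. I would keep a single sanitising step, or none if the `int` annotation is enforced at the route boundary, and state the reasoning in a comment such as `# EmployeeCode is validated as int; no CR/LF can reach the log line`. `delete_employees` starts above the hunk and continues past it.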