From 714c3775df5cf5db9db8998c55c05e930453e0c5 Mon Sep 17 00:00:00 2001
From: ZeroPath
Date: Fri, 25 Jul 2025 00:25:44 +0000
Subject: [PATCH 1/2] fix: [[AQUA-1234]] Disable debug mode in Flask to prevent RCE vulnerability
---
 main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.py b/main.py
index 2454076..cea8e33 100644
--- a/main.py
+++ b/main.py
@@ -120,4 +120,4 @@ def logout():
 return jsonify({"message": "Logout successful"}), 200
 if __name__ == '__main__':
- app.run(debug=True, port=5001)
+ app.run(debug=False, port=5001)
From 5a5cafa15c0444b1476a84b14459eb2cd17ad273 Mon Sep 17 00:00:00 2001
From: ZeroPath
Date: Fri, 25 Jul 2025 00:27:16 +0000
Subject: [PATCH 2/2] feat: Add comments to clarify disabling debug mode in production (ABC-123)
---
 main.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/main.py b/main.py
index cea8e33..ff86b36 100644
--- a/main.py
+++ b/main.py
@@ -120,4 +120,6 @@ def logout():
 return jsonify({"message": "Logout successful"}), 200
 if __name__ == '__main__':
- app.run(debug=False, port=5001)
+ # START FIX: disable debug mode for production
+ app.run(debug=False, port=5001) # Debug disabled
+ # END FIX
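Review bot: Hard-coding `debug=False` in the `app.run(...)` call of PATCH 1/2 only covers the case where `main.py` is executed directly, because the call sits under the `if __name__ == '__main__':` guard. If the app is started through the `flask` CLI, `FLASK_DEBUG` or `--debug` can still enable the Werkzeug debugger, so the deployment's environment and start command need the same check. `app.run()` also starts Flask's development server, which is not meant for production; if this entry point really is the production one (not visible from the hunk), serving `app` from a WSGI server would remove the dependency on this flag altogether.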
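Review bot: The `# START FIX` / `# END FIX` markers and the trailing `# Debug disabled` added in PATCH 2/2 record the history of the change and restate the argument instead of giving the reason, which a later reader cannot recover from them. One why-comment above the call would do more, for example `# Keep debug off: the Werkzeug debugger lets a client execute code in this process.` The subject also labels a comment-only change as `feat:` and cites ABC-123 where PATCH 1/2 cites AQUA-1234; both are worth confirming before merge.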