Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix sonar security issues #19324

Merged
merged 3 commits into from
Aug 3, 2022
Merged

Fix sonar security issues #19324

merged 3 commits into from
Aug 3, 2022

Conversation

mshima
Copy link
Member

@mshima mshima commented Aug 3, 2022
edited
Loading

Reverts #19270, which introduced many code smells.
And follows @atomfrede advise to filter logs.

  • add logs safe list.
  • uses colored replacement character.
  • add CRLFLogConverter.CRLF_SAFE_MARKER to skip filter.

Closes #19292
Closes #14949

Please make sure the below checklist is followed for Pull Requests.

When you are still working on the PR, consider converting it to Draft (below reviewers) and adding skip-ci label, you can still see CI build result at your branch.

@mshima mshima requested review from atomfrede and qmonmert August 3, 2022 11:05
atomfrede
atomfrede reviewed Aug 3, 2022
View reviewed changes
generators/server/templates/src/main/java/package/Application.java.ejs
@@ -95,7 +96,9 @@ public class <%= mainClass %> {
} catch (UnknownHostException e) {
log.warn("The host name could not be determined, using `localhost` as fallback");
}
log.info("\n----------------------------------------------------------\n\t" +
log.info(
CRLFLogConverter.CRLF_SAFE_MARKER,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thats nice 👍

atomfrede
atomfrede approved these changes Aug 3, 2022
View reviewed changes
Copy link
Member

@atomfrede atomfrede left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's wait for the "emergency" release before merging it.

@mshima mshima merged commit 6533878 into jhipster:main Aug 3, 2022
@mshima mshima deleted the skip_ci-sonar_log branch August 3, 2022 16:53
@DanielFran DanielFran added this to the 7.9.3 milestone Aug 18, 2022
@DanielFran DanielFran mentioned this pull request Jun 2, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@atomfrede atomfrede atomfrede approved these changes

@qmonmert qmonmert qmonmert approved these changes

Assignees
No one assigned
Labels
theme: front theme: java
Projects
None yet
Milestone
7.9.3
Development

Successfully merging this pull request may close these issues.

Bad sonar security rating
4 participants
@mshima @atomfrede @qmonmert @DanielFran