
Potential fix for code scanning alert no. 1: Clear-text logging of sensitive information #116

Draft
chenyuan99 wants to merge 1 commit into develop from alert-autofix-1

Conversation

@chenyuan99 (Owner)

Potential fix for https://github.com/chenyuan99/offerplus/security/code-scanning/1

The best fix is to remove or mask sensitive fields in verification logs while preserving the verification purpose.
In supabase/scripts/upload_to_supabase.py, specifically in verify_upload() around line 280, replace the detailed per-record print (Case, Employer, Status) with a safe summary that does not expose private values. A good minimal-impact approach is to log only record index and presence of fields (or just status if considered non-sensitive), not actual case_number/employer_name values.

Single best change without altering functionality materially:

  • Keep the sample-record loop so verification still shows that records are returned.
  • Replace clear-text values with redacted placeholders ([REDACTED]) for case_number and employer_name.
  • Leave count/statistics logic untouched.

No new imports, helper methods, or dependencies are required.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…nsitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
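The per-record verification print described in the PR, in its clear-text form and in the redacted form the fix proposes, as an added example that is not the project's own code (the record shape, the function names and the `[REDACTED]` marker are assumptions):

```python
"""Added example, not the project's own code: the clear-text per-record
print beside a redacted form that keeps the count and status logic intact.
The record shape, function names and the [REDACTED] marker are assumptions."""

# Fields named in the alert; assumed to be the only sensitive columns.
SENSITIVE_FIELDS = ("case_number", "employer_name")
REDACTED = "[REDACTED]"

# Constructed sample rows standing in for what the Supabase client returns.
SAMPLE_RECORDS = [
    {"case_number": "CASE-0001", "employer_name": "Example Corp", "status": "Certified"},
    {"case_number": "CASE-0002", "employer_name": "Example LLC", "status": "Denied"},
    {"case_number": None, "employer_name": "Example Inc", "status": "Withdrawn"},
]


def format_record_cleartext(record: dict) -> str:
    """Before: the kind of line the scanner flags, private values logged verbatim."""
    return (f"Case: {record.get('case_number')}, "
            f"Employer: {record.get('employer_name')}, "
            f"Status: {record.get('status')}")


def format_record_redacted(record: dict, index: int) -> str:
    """After: record index, whether each sensitive field is present, and status."""
    parts = [f"Record {index}"]
    for field in SENSITIVE_FIELDS:
        present = record.get(field) not in (None, "")
        parts.append(f"{field}={REDACTED if present else '<missing>'}")
    parts.append(f"status={record.get('status')}")
    return ", ".join(parts)


def verify_records(records: list, sample_size: int = 3) -> dict:
    """Verification summary: total count plus redacted sample lines."""
    sample = [format_record_redacted(r, i + 1) for i, r in enumerate(records[:sample_size])]
    return {"count": len(records), "sample": sample}


def leaks_sensitive_values(lines: list, records: list) -> bool:
    """Guard for a test: True if any sensitive value appears in any log line."""
    values = {str(r[f]) for r in records for f in SENSITIVE_FIELDS if r.get(f)}
    return any(v in line for line in lines for v in values)


if __name__ == "__main__":
    result = verify_records(SAMPLE_RECORDS)
    print(f"Found {result['count']} records")
    for line in result["sample"]:
        print(line)
```

`leaks_sensitive_values` is the check worth keeping in the test suite: it fails the build if a later edit reintroduces a raw field into the verification output.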
@vercel

vercel Bot commented May 24, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project   | Deployment | Actions          | Updated (UTC)
offerplus | Ready      | Preview, Comment | May 24, 2026 3:33pm

@supabase

supabase Bot commented May 24, 2026

Updates to Preview Branch (alert-autofix-1)

Deployments | Status | Updated
Database    |        | Sun, 24 May 2026 15:33:07 UTC
Services    |        | Sun, 24 May 2026 15:33:07 UTC
APIs        |        | Sun, 24 May 2026 15:33:07 UTC

Tasks are run on every commit but only new migration files are pushed.
Close and reopen this PR if you want to apply changes from existing seed or migration files.

Tasks          | Status | Updated
Configurations |        | Sun, 24 May 2026 15:33:15 UTC
Migrations     |        | Sun, 24 May 2026 15:33:17 UTC
Seeding        | ⏸️     | Sun, 24 May 2026 15:33:02 UTC
Edge Functions | ⏸️     | Sun, 24 May 2026 15:33:02 UTC

❌ Branch Error • Sun, 24 May 2026 15:33:18 UTC

ERROR: operator does not exist: text = uuid (SQLSTATE 42883)
At statement: 1
-- Allow authenticated users to upload files to their own directory
create policy "Allow users to upload their own resumes"
on storage.objects for insert
with check (
    bucket_id = 'resumes'
    and auth.role() = 'authenticated'
    and (storage.foldername(name))[1] = auth.uid()
)
