Skip to content

Merge stash master to GitHub master#50

Merged
vishaalcharpe merged 198 commits into
masterfrom
merge-stash-master-to-github-master
Jun 9, 2026
Merged

Merge stash master to GitHub master#50
vishaalcharpe merged 198 commits into
masterfrom
merge-stash-master-to-github-master

merge-stash:

acbce18
Select commit
Loading
Failed to load commit list.
Veracode Workflow App / Veracode Static Code Analysis - Pipeline succeeded May 28, 2026 in 4m 12s

Veracode Static Code Analysis

Here's the summary of the scan result.

Annotations

Check warning on line 28 in code/aws.go

See this annotation in the file changed.

@veracode-workflow-app veracode-workflow-app / Veracode Static Code Analysis - Pipeline

Information Exposure Through an Error Message

Filename: code/aws.go
Line: 28
CWE: 209 (Information Exposure Through an Error Message)

 The application calls the log::Println() function, which may expose information about the application logic or other details such as the names and versions of the application container and associated components.  This information can be useful in executing other attacks and can also enable the attacker to target known vulnerabilities in application components. The first argument to Println() contains data from an error message (possibly containing untrusted data). The data from an error message (possibly containing untrusted data) originated from earlier calls to io.ReadAll, and net.http.Client.Do.
Ensure that error codes or other messages returned to end users are not overly verbose.  Sanitize all messages of any sensitive information that is not absolutely necessary.
References: <a href="https://cwe.mitre.org/data/definitions/209.html">CWE</a>

Check warning on line 35 in code/aws.go

See this annotation in the file changed.

@veracode-workflow-app veracode-workflow-app / Veracode Static Code Analysis - Pipeline

Information Exposure Through an Error Message

Filename: code/aws.go
Line: 35
CWE: 209 (Information Exposure Through an Error Message)

 The application calls the log::Println() function, which may expose information about the application logic or other details such as the names and versions of the application container and associated components.  This information can be useful in executing other attacks and can also enable the attacker to target known vulnerabilities in application components. The first argument to Println() contains data from an error message (possibly containing untrusted data). The data from an error message (possibly containing untrusted data) originated from earlier calls to io.ReadAll, and net.http.Client.Do.
Ensure that error codes or other messages returned to end users are not overly verbose.  Sanitize all messages of any sensitive information that is not absolutely necessary.
References: <a href="https://cwe.mitre.org/data/definitions/209.html">CWE</a>

Check warning on line 42 in code/aws.go

See this annotation in the file changed.

@veracode-workflow-app veracode-workflow-app / Veracode Static Code Analysis - Pipeline

Information Exposure Through an Error Message

Filename: code/aws.go
Line: 42
CWE: 209 (Information Exposure Through an Error Message)

 The application calls the log::Println() function, which may expose information about the application logic or other details such as the names and versions of the application container and associated components.  This information can be useful in executing other attacks and can also enable the attacker to target known vulnerabilities in application components. The first argument to Println() contains data from an error message (possibly containing untrusted data). The data from an error message (possibly containing untrusted data) originated from earlier calls to io.ReadAll, and net.http.Client.Do.
Ensure that error codes or other messages returned to end users are not overly verbose.  Sanitize all messages of any sensitive information that is not absolutely necessary.
References: <a href="https://cwe.mitre.org/data/definitions/209.html">CWE</a>

Check warning on line 47 in code/aws.go

See this annotation in the file changed.

@veracode-workflow-app veracode-workflow-app / Veracode Static Code Analysis - Pipeline

Information Exposure Through an Error Message

Filename: code/aws.go
Line: 47
CWE: 209 (Information Exposure Through an Error Message)

 The application calls the log::Println() function, which may expose information about the application logic or other details such as the names and versions of the application container and associated components.  This information can be useful in executing other attacks and can also enable the attacker to target known vulnerabilities in application components. The first argument to Println() contains data from an error message (possibly containing untrusted data). The data from an error message (possibly containing untrusted data) originated from earlier calls to io.ReadAll, and net.http.Client.Do.
Ensure that error codes or other messages returned to end users are not overly verbose.  Sanitize all messages of any sensitive information that is not absolutely necessary.
References: <a href="https://cwe.mitre.org/data/definitions/209.html">CWE</a>