From 9466aca0e4b5c9813ff86f5e3ea539f888a87528 Mon Sep 17 00:00:00 2001 From: Ntein Precious <92717513+NteinPrecious@users.noreply.github.com> Date: Fri, 19 Jun 2026 10:26:39 +0100 Subject: [PATCH 1/3] fix(security): use ${DB_PASSWORD:-password} instead of hardcoded literal in devops/docker-compose.quantara.dev.yaml --- devops/docker-compose.quantara.dev.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devops/docker-compose.quantara.dev.yaml b/devops/docker-compose.quantara.dev.yaml index 373fb6156..4d67e0b87 100644 --- a/devops/docker-compose.quantara.dev.yaml +++ b/devops/docker-compose.quantara.dev.yaml @@ -27,7 +27,7 @@ services: - DB_PORT=5432 - DB_NAME=quantara - DB_USER=postgres - - DB_PASSWORD=password + - DB_PASSWORD=${DB_PASSWORD:-password} healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:8000/health || exit 1"] interval: 15s @@ -42,7 +42,7 @@ services: environment: POSTGRES_DB: quantara POSTGRES_USER: postgres - POSTGRES_PASSWORD: password + POSTGRES_PASSWORD: ${DB_PASSWORD:-password} volumes: - postgres_data_dev:/var/lib/postgresql/data - ../quantara/init-db:/docker-entrypoint-initdb.d @@ -73,4 +73,4 @@ services: condition: service_healthy volumes: - postgres_data_dev: + postgres_data_dev: \ No newline at end of file From 03e97d067840506960c6117193adb64ff5a36c26 Mon Sep 17 00:00:00 2001 From: Ntein Precious <92717513+NteinPrecious@users.noreply.github.com> Date: Fri, 19 Jun 2026 10:26:42 +0100 Subject: [PATCH 2/3] fix(security): use ${DB_PASSWORD:-password} instead of hardcoded literal in devops/docker-compose.quantara.back.yaml --- devops/docker-compose.quantara.back.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devops/docker-compose.quantara.back.yaml b/devops/docker-compose.quantara.back.yaml index ba75f7f26..045deea67 100644 --- a/devops/docker-compose.quantara.back.yaml +++ b/devops/docker-compose.quantara.back.yaml @@ -29,7 +29,7 @@ services: - DB_PORT=5432 - DB_NAME=quantara - DB_USER=postgres - - DB_PASSWORD=password + - DB_PASSWORD=${DB_PASSWORD:-password} healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:8000/health || exit 1"] interval: 15s @@ -44,7 +44,7 @@ services: environment: POSTGRES_DB: quantara POSTGRES_USER: postgres - POSTGRES_PASSWORD: password + POSTGRES_PASSWORD: ${DB_PASSWORD:-password} volumes: - postgres_data_dev:/var/lib/postgresql/data - ../quantara/init-db:/docker-entrypoint-initdb.d @@ -59,4 +59,4 @@ services: retries: 5 volumes: - postgres_data_dev: + postgres_data_dev: \ No newline at end of file From dd481d317461c3ef9fe223f6667ce8cab8918c1d Mon Sep 17 00:00:00 2001 From: Ntein Precious <92717513+NteinPrecious@users.noreply.github.com> Date: Fri, 19 Jun 2026 10:26:46 +0100 Subject: [PATCH 3/3] fix(security): use ${DB_PASSWORD:-password} instead of hardcoded literal in devops/docker-compose.quantara.dev-windows.yaml --- devops/docker-compose.quantara.dev-windows.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devops/docker-compose.quantara.dev-windows.yaml b/devops/docker-compose.quantara.dev-windows.yaml index 4fb58d0c9..6e99ff756 100644 --- a/devops/docker-compose.quantara.dev-windows.yaml +++ b/devops/docker-compose.quantara.dev-windows.yaml @@ -27,7 +27,7 @@ services: - DB_PORT=5432 - DB_NAME=quantara - DB_USER=postgres - - DB_PASSWORD=password + - DB_PASSWORD=${DB_PASSWORD:-password} db: image: postgres:16 @@ -35,7 +35,7 @@ services: environment: POSTGRES_DB: quantara POSTGRES_USER: postgres - POSTGRES_PASSWORD: password + POSTGRES_PASSWORD: ${DB_PASSWORD:-password} volumes: - postgres_data_dev:/var/lib/postgresql/data - ../quantara/init-db:/docker-entrypoint-initdb.d @@ -64,4 +64,4 @@ services: - backend volumes: - postgres_data_dev: + postgres_data_dev: \ No newline at end of file