Skip to content

fix(security): scrub the three remaining log-injection sites#159

Merged
VortexUK merged 1 commit into
mainfrom
fix/last-scanning-alerts
Jul 11, 2026
Merged

fix(security): scrub the three remaining log-injection sites#159
VortexUK merged 1 commit into
mainfrom
fix/last-scanning-alerts

Conversation

@VortexUK

Copy link
Copy Markdown
Owner

Follow-up to #158: the refreshed main analysis closed 29 of 32 alerts; these are the last three live sites — the cache HIT key log (missed in the first sweep) and aa.py's effects-parse warning (crc/tier are typed ints, scrubbed anyway to clear the taint). Will re-dispatch the main analysis after merge to confirm zero open alerts.

🤖 Generated with Claude Code

The refreshed main CodeQL analysis (post-#158) left three live alerts:
the cache HIT log (one key log site missed in #158) and the aa.py
effects-parse warning (crc/tier are FastAPI-typed ints that cannot carry
CRLF, but scrub is free and clears the taint).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@VortexUK
VortexUK merged commit 957e6d2 into main Jul 11, 2026
6 checks passed
@VortexUK
VortexUK deleted the fix/last-scanning-alerts branch July 11, 2026 12:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant