sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues 51 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

feat: add user login and data processing endpoint #23

Open
sharang wants to merge 4 commits from test/dummy-bad-code into main
pull from: test/dummy-bad-code
merge into: sharang:main
Conversation 2 Commits 4 Files Changed 1 +71
sharang commented 2026-03-18 16:00:43 +00:00
Owner
Copy Link

Adds login handling and data processing utilities.

Adds login handling and data processing utilities.
sharang added 1 commit 2026-03-18 16:00:43 +00:00
feat: add user login and data processing endpoint
All checks were successful
CI / Check (pull_request) Successful in 11m2s
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
fe164daa7f 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
sharang added 1 commit 2026-03-25 18:59:06 +00:00
trigger: PR review
Some checks failed
CI / Check (pull_request) Failing after 7m50s
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
c5a6f30be2
sharang added 1 commit 2026-03-25 19:07:13 +00:00
trigger: PR review (retry)
Some checks failed
CI / Check (pull_request) Failing after 5m10s
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
e371f32e2e
sharang commented 2026-03-25 19:10:11 +00:00
Author
Owner
Copy Link

Compliance scan found 36 issue(s) in this PR:

  • [high] code-review/logic: Missing error handling for HTTP responses in Gitea tracker
  • [high] code-review/logic: Loss of fallback mechanism for Gitea PR reviews
  • [medium] code-review/logic: Removed health check functionality for MCP servers
  • [high] code-review/logic: Missing health check endpoint
  • [high] code-review/logic: Off-by-one error in get_items function
  • [high] code-review/logic: SQL injection vulnerability
  • [high] code-review/logic: Command injection vulnerability
  • [medium] code-review/logic: Plain text password logging
  • [high] code-review/logic: Path traversal vulnerability
  • [high] code-review/logic: Predictable token generation
  • [medium] code-review/logic: Unreachable code due to early return
  • [high] code-review/security: Incomplete HTTP Response Status Checking
  • [high] code-review/security: Potential SSRF Vulnerability in MCP Server Health Check
  • [critical] code-review/security: SQL Injection Vulnerability
  • [critical] code-review/security: Hardcoded Credentials
  • [critical] code-review/security: Command Injection Vulnerability
  • [high] code-review/security: Sensitive Data Exposure in Logs
  • [high] code-review/security: Path Traversal Vulnerability
  • [high] code-review/security: Predictable Token Generation
  • [medium] code-review/security: Off-by-one Error
  • [medium] code-review/convention: Inconsistent error handling in GiteaTracker
  • [medium] code-review/convention: Missing error handling for MCP server status refresh
  • [medium] code-review/convention: Removed health check endpoint
  • [high] code-review/convention: Insecure login function with SQL injection vulnerability
  • [high] code-review/convention: Path traversal vulnerability in data processing
  • [high] code-review/convention: Predictable token generation
  • [high] code-review/convention: Off-by-one error in array indexing
  • [medium] code-review/convention: Unnecessary complexity and unused variables
  • [high] code-review/complexity: Removed error handling for HTTP responses
  • [high] code-review/complexity: Removed fallback logic for Gitea PR reviews
  • [high] code-review/complexity: Removed comprehensive MCP server health checking
  • [high] code-review/complexity: High Risk Security Vulnerabilities in Test Endpoint
  • [high] code-review/complexity: Deeply Nested Conditional Logic
  • [high] code-review/complexity: Function with Too Many Parameters
  • [high] code-review/complexity: Off-by-One Error in Array Access
  • [high] code-review/complexity: Predictable Token Generation
Compliance scan found **36** issue(s) in this PR: - **[high]** code-review/logic: Missing error handling for HTTP responses in Gitea tracker - **[high]** code-review/logic: Loss of fallback mechanism for Gitea PR reviews - **[medium]** code-review/logic: Removed health check functionality for MCP servers - **[high]** code-review/logic: Missing health check endpoint - **[high]** code-review/logic: Off-by-one error in get_items function - **[high]** code-review/logic: SQL injection vulnerability - **[high]** code-review/logic: Command injection vulnerability - **[medium]** code-review/logic: Plain text password logging - **[high]** code-review/logic: Path traversal vulnerability - **[high]** code-review/logic: Predictable token generation - **[medium]** code-review/logic: Unreachable code due to early return - **[high]** code-review/security: Incomplete HTTP Response Status Checking - **[high]** code-review/security: Potential SSRF Vulnerability in MCP Server Health Check - **[critical]** code-review/security: SQL Injection Vulnerability - **[critical]** code-review/security: Hardcoded Credentials - **[critical]** code-review/security: Command Injection Vulnerability - **[high]** code-review/security: Sensitive Data Exposure in Logs - **[high]** code-review/security: Path Traversal Vulnerability - **[high]** code-review/security: Predictable Token Generation - **[medium]** code-review/security: Off-by-one Error - **[medium]** code-review/convention: Inconsistent error handling in GiteaTracker - **[medium]** code-review/convention: Missing error handling for MCP server status refresh - **[medium]** code-review/convention: Removed health check endpoint - **[high]** code-review/convention: Insecure login function with SQL injection vulnerability - **[high]** code-review/convention: Path traversal vulnerability in data processing - **[high]** code-review/convention: Predictable token generation - **[high]** code-review/convention: Off-by-one error in array indexing - **[medium]** code-review/convention: Unnecessary complexity and unused variables - **[high]** code-review/complexity: Removed error handling for HTTP responses - **[high]** code-review/complexity: Removed fallback logic for Gitea PR reviews - **[high]** code-review/complexity: Removed comprehensive MCP server health checking - **[high]** code-review/complexity: High Risk Security Vulnerabilities in Test Endpoint - **[high]** code-review/complexity: Deeply Nested Conditional Logic - **[high]** code-review/complexity: Function with Too Many Parameters - **[high]** code-review/complexity: Off-by-One Error in Array Access - **[high]** code-review/complexity: Predictable Token Generation
sharang added 1 commit 2026-03-25 19:28:15 +00:00
trigger: PR review (inline comments)
Some checks failed
CI / Check (pull_request) Failing after 5m8s
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
a703577eda
sharang reviewed 2026-03-25 19:30:06 +00:00
sharang left a comment
Author
Owner
Copy Link

Compliance scan found 35 issue(s) in this PR:

  • [high] code-review/logic: Missing error handling for HTTP responses in Gitea tracker
  • [high] code-review/logic: Loss of fallback mechanism for Gitea PR reviews
  • [high] code-review/logic: Missing health check endpoint
  • [high] code-review/logic: Off-by-one error in get_items function
  • [high] code-review/logic: SQL injection vulnerability
  • [high] code-review/logic: Command injection vulnerability
  • [medium] code-review/logic: Plain text password logging
  • [high] code-review/logic: Path traversal vulnerability
  • [high] code-review/logic: Predictable token generation
  • [medium] code-review/logic: Unreachable code due to early return
  • [high] code-review/security: Incomplete Error Handling in Gitea API Calls
  • [medium] code-review/security: Loss of Fallback Mechanism for Gitea PR Reviews
  • [medium] code-review/security: Potential Information Disclosure via Silent API Failures
  • [critical] code-review/security: SQL Injection Vulnerability
  • [critical] code-review/security: Hardcoded Credentials
  • [critical] code-review/security: Command Injection Vulnerability
  • [high] code-review/security: Sensitive Data Exposure in Logs
  • [high] code-review/security: Path Traversal Vulnerability
  • [critical] code-review/security: Predictable Token Generation
  • [high] code-review/security: Off-by-one Error
  • [medium] code-review/convention: Inconsistent error handling in GiteaTracker
  • [medium] code-review/convention: Removed health check functionality
  • [medium] code-review/convention: Removed health check endpoint
  • [high] code-review/convention: Insecure login function with SQL injection vulnerability
  • [high] code-review/convention: Path traversal vulnerability in data processing
  • [high] code-review/convention: Predictable token generation
  • [high] code-review/convention: Off-by-one error in array indexing
  • [medium] code-review/convention: Unnecessary complexity and unused variables
  • [high] code-review/complexity: Removed error handling for HTTP responses in Gitea tracker
  • [medium] code-review/complexity: Complex conditional logic in MCP server refresh function
  • [high] code-review/complexity: High-risk security vulnerabilities in test_endpoint.rs
  • [high] code-review/complexity: Deeply nested conditional logic
  • [high] code-review/complexity: Function with excessive parameters
  • [high] code-review/complexity: Off-by-one error in array access
  • [high] code-review/complexity: Predictable token generation
Compliance scan found **35** issue(s) in this PR: - **[high]** code-review/logic: Missing error handling for HTTP responses in Gitea tracker - **[high]** code-review/logic: Loss of fallback mechanism for Gitea PR reviews - **[high]** code-review/logic: Missing health check endpoint - **[high]** code-review/logic: Off-by-one error in get_items function - **[high]** code-review/logic: SQL injection vulnerability - **[high]** code-review/logic: Command injection vulnerability - **[medium]** code-review/logic: Plain text password logging - **[high]** code-review/logic: Path traversal vulnerability - **[high]** code-review/logic: Predictable token generation - **[medium]** code-review/logic: Unreachable code due to early return - **[high]** code-review/security: Incomplete Error Handling in Gitea API Calls - **[medium]** code-review/security: Loss of Fallback Mechanism for Gitea PR Reviews - **[medium]** code-review/security: Potential Information Disclosure via Silent API Failures - **[critical]** code-review/security: SQL Injection Vulnerability - **[critical]** code-review/security: Hardcoded Credentials - **[critical]** code-review/security: Command Injection Vulnerability - **[high]** code-review/security: Sensitive Data Exposure in Logs - **[high]** code-review/security: Path Traversal Vulnerability - **[critical]** code-review/security: Predictable Token Generation - **[high]** code-review/security: Off-by-one Error - **[medium]** code-review/convention: Inconsistent error handling in GiteaTracker - **[medium]** code-review/convention: Removed health check functionality - **[medium]** code-review/convention: Removed health check endpoint - **[high]** code-review/convention: Insecure login function with SQL injection vulnerability - **[high]** code-review/convention: Path traversal vulnerability in data processing - **[high]** code-review/convention: Predictable token generation - **[high]** code-review/convention: Off-by-one error in array indexing - **[medium]** code-review/convention: Unnecessary complexity and unused variables - **[high]** code-review/complexity: Removed error handling for HTTP responses in Gitea tracker - **[medium]** code-review/complexity: Complex conditional logic in MCP server refresh function - **[high]** code-review/complexity: High-risk security vulnerabilities in test_endpoint.rs - **[high]** code-review/complexity: Deeply nested conditional logic - **[high]** code-review/complexity: Function with excessive parameters - **[high]** code-review/complexity: Off-by-one error in array access - **[high]** code-review/complexity: Predictable token generation
compliance-agent/src/trackers/gitea.rs
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Inconsistent error handling in GiteaTracker

The GiteaTracker implementation removed explicit error checking for HTTP responses, which could hide failures that previously would have been caught and reported. This change removes error handling for patch, post, and PR review operations, potentially leading to silent failures.

Suggested fix: Restore proper error handling for HTTP responses to maintain consistent error reporting across the application.

*Scanner: code-review/convention | *

**[medium] Inconsistent error handling in GiteaTracker** The GiteaTracker implementation removed explicit error checking for HTTP responses, which could hide failures that previously would have been caught and reported. This change removes error handling for patch, post, and PR review operations, potentially leading to silent failures. Suggested fix: Restore proper error handling for HTTP responses to maintain consistent error reporting across the application. *Scanner: code-review/convention | *
compliance-agent/src/trackers/gitea.rs
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Missing error handling for HTTP responses in Gitea tracker

The Gitea tracker implementations for update_issue, add_comment, and create_pr_review have removed error checking for HTTP response status codes. This could lead to silent failures where API calls fail but the application continues execution without proper error reporting.

Suggested fix: Restore the error handling logic that checks response status codes and returns appropriate CoreError instances when HTTP requests fail.

*Scanner: code-review/logic | *

**[high] Missing error handling for HTTP responses in Gitea tracker** The Gitea tracker implementations for update_issue, add_comment, and create_pr_review have removed error checking for HTTP response status codes. This could lead to silent failures where API calls fail but the application continues execution without proper error reporting. Suggested fix: Restore the error handling logic that checks response status codes and returns appropriate CoreError instances when HTTP requests fail. *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Incomplete Error Handling in Gitea API Calls

The removal of error status checks in Gitea API calls (update_issue, add_comment, pr_review) means that failed HTTP requests are silently ignored. This could lead to silent failures where operations appear successful but actually fail, potentially causing data inconsistency or missed notifications.

Suggested fix: Restore proper error handling to ensure failed API calls are properly reported and handled. Check response status codes and handle errors appropriately rather than ignoring them.

Scanner: code-review/security | CWE: CWE-703

**[high] Incomplete Error Handling in Gitea API Calls** The removal of error status checks in Gitea API calls (update_issue, add_comment, pr_review) means that failed HTTP requests are silently ignored. This could lead to silent failures where operations appear successful but actually fail, potentially causing data inconsistency or missed notifications. Suggested fix: Restore proper error handling to ensure failed API calls are properly reported and handled. Check response status codes and handle errors appropriately rather than ignoring them. *Scanner: code-review/security | CWE: CWE-703*
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Potential Information Disclosure via Silent API Failures

By removing error status checks, sensitive operations like updating issues, adding comments, and submitting PR reviews can fail silently without logging or alerting administrators about potential connectivity issues or authentication problems with the Gitea instance.

Suggested fix: Implement proper error logging for all HTTP request failures to aid in debugging and monitoring of integrations with external systems.

Scanner: code-review/security | CWE: CWE-200

**[medium] Potential Information Disclosure via Silent API Failures** By removing error status checks, sensitive operations like updating issues, adding comments, and submitting PR reviews can fail silently without logging or alerting administrators about potential connectivity issues or authentication problems with the Gitea instance. Suggested fix: Implement proper error logging for all HTTP request failures to aid in debugging and monitoring of integrations with external systems. *Scanner: code-review/security | CWE: CWE-200*
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Removed error handling for HTTP responses in Gitea tracker

The error handling for HTTP responses has been removed from three methods in the GiteaTracker implementation. This could lead to silent failures where API calls fail but are not properly reported, making debugging difficult and potentially causing data inconsistency.

Suggested fix: Restore proper error handling for HTTP responses by checking response status codes and returning appropriate errors. Consider using a helper function to centralize this logic rather than duplicating it across multiple methods.

*Scanner: code-review/complexity | *

**[high] Removed error handling for HTTP responses in Gitea tracker** The error handling for HTTP responses has been removed from three methods in the GiteaTracker implementation. This could lead to silent failures where API calls fail but are not properly reported, making debugging difficult and potentially causing data inconsistency. Suggested fix: Restore proper error handling for HTTP responses by checking response status codes and returning appropriate errors. Consider using a helper function to centralize this logic rather than duplicating it across multiple methods. *Scanner: code-review/complexity | *
compliance-agent/src/trackers/gitea.rs
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Loss of fallback mechanism for Gitea PR reviews

The fallback mechanism for Gitea PR reviews has been completely removed. Previously, if a PR review with inline comments failed, it would automatically retry with just the summary body. This functionality is now lost, potentially causing PR reviews to fail entirely when inline comments are involved.

Suggested fix: Reinstate the fallback logic that retries PR reviews without inline comments when the initial attempt fails due to inline comment limitations.

*Scanner: code-review/logic | *

**[high] Loss of fallback mechanism for Gitea PR reviews** The fallback mechanism for Gitea PR reviews has been completely removed. Previously, if a PR review with inline comments failed, it would automatically retry with just the summary body. This functionality is now lost, potentially causing PR reviews to fail entirely when inline comments are involved. Suggested fix: Reinstate the fallback logic that retries PR reviews without inline comments when the initial attempt fails due to inline comment limitations. *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Loss of Fallback Mechanism for Gitea PR Reviews

The removal of the fallback mechanism for Gitea PR reviews when inline comments fail means that if a PR review with inline comments fails due to Gitea's limitations, the entire operation fails instead of falling back to a simple comment. This reduces robustness of the integration.

Suggested fix: Reintroduce the fallback logic that attempts to post a simple comment when inline comments fail, maintaining functionality even when Gitea's inline comment feature is limited.

Scanner: code-review/security | CWE: CWE-668

**[medium] Loss of Fallback Mechanism for Gitea PR Reviews** The removal of the fallback mechanism for Gitea PR reviews when inline comments fail means that if a PR review with inline comments fails due to Gitea's limitations, the entire operation fails instead of falling back to a simple comment. This reduces robustness of the integration. Suggested fix: Reintroduce the fallback logic that attempts to post a simple comment when inline comments fail, maintaining functionality even when Gitea's inline comment feature is limited. *Scanner: code-review/security | CWE: CWE-668*
compliance-dashboard/src/infrastructure/mcp.rs
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Complex conditional logic in MCP server refresh function

The removed refresh_mcp_status function contained complex conditional logic for deriving health URLs and handling different response scenarios. While this code was removed entirely, the remaining code structure suggests similar complexity may exist elsewhere in the system that wasn't reviewed.

Suggested fix: If similar functionality is reintroduced, ensure proper error handling and simplify complex conditionals. The URL construction logic should be extracted into a separate function for better readability and testability.

*Scanner: code-review/complexity | *

**[medium] Complex conditional logic in MCP server refresh function** The removed refresh_mcp_status function contained complex conditional logic for deriving health URLs and handling different response scenarios. While this code was removed entirely, the remaining code structure suggests similar complexity may exist elsewhere in the system that wasn't reviewed. Suggested fix: If similar functionality is reintroduced, ensure proper error handling and simplify complex conditionals. The URL construction logic should be extracted into a separate function for better readability and testability. *Scanner: code-review/complexity | *
compliance-dashboard/src/infrastructure/mcp.rs
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Removed health check functionality

The refresh_mcp_status function was completely removed from the MCP infrastructure, which appears to be a significant functional change. This removes the ability to automatically probe and update MCP server statuses in MongoDB.

Suggested fix: Reconsider removal of this functionality or ensure it's properly replaced by another mechanism for monitoring MCP server health.

*Scanner: code-review/convention | *

**[medium] Removed health check functionality** The refresh_mcp_status function was completely removed from the MCP infrastructure, which appears to be a significant functional change. This removes the ability to automatically probe and update MCP server statuses in MongoDB. Suggested fix: Reconsider removal of this functionality or ensure it's properly replaced by another mechanism for monitoring MCP server health. *Scanner: code-review/convention | *
compliance-mcp/src/main.rs
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Missing health check endpoint

The MCP server health check endpoint was removed from the router, which could break monitoring and health checks that depend on the /health endpoint.

Suggested fix: Re-add the health check endpoint route: .route("/health", axum::routing::get(|| async { "ok" }))

*Scanner: code-review/logic | *

**[high] Missing health check endpoint** The MCP server health check endpoint was removed from the router, which could break monitoring and health checks that depend on the /health endpoint. Suggested fix: Re-add the health check endpoint route: `.route("/health", axum::routing::get(|| async { "ok" }))` *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Removed health check endpoint

The /health endpoint was removed from the MCP server router, which may break monitoring and health check integrations that depend on this endpoint.

Suggested fix: Re-add the health check endpoint or document why it was removed and how health monitoring will be handled differently.

*Scanner: code-review/convention | *

**[medium] Removed health check endpoint** The `/health` endpoint was removed from the MCP server router, which may break monitoring and health check integrations that depend on this endpoint. Suggested fix: Re-add the health check endpoint or document why it was removed and how health monitoring will be handled differently. *Scanner: code-review/convention | *
test_endpoint.rs
@@ -0,0 +1,71 @@
use std::process::Command;
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] High-risk security vulnerabilities in test_endpoint.rs

The test_endpoint.rs file contains multiple critical security vulnerabilities including SQL injection, command injection, hardcoded credentials, and plaintext password logging. These represent high-risk issues that could lead to serious security breaches.

Suggested fix: Remove this file entirely as it contains intentional security vulnerabilities for testing purposes. If actual authentication logic is needed, implement proper security measures including parameterized queries, input validation, secure credential storage, and proper error handling.

*Scanner: code-review/complexity | *

**[high] High-risk security vulnerabilities in test_endpoint.rs** The test_endpoint.rs file contains multiple critical security vulnerabilities including SQL injection, command injection, hardcoded credentials, and plaintext password logging. These represent high-risk issues that could lead to serious security breaches. Suggested fix: Remove this file entirely as it contains intentional security vulnerabilities for testing purposes. If actual authentication logic is needed, implement proper security measures including parameterized queries, input validation, secure credential storage, and proper error handling. *Scanner: code-review/complexity | *
test_endpoint.rs
@@ -0,0 +4,4 @@
pub fn handle_login(username: &str, password: &str) -> bool {
// SQL injection vulnerability
let query = format!(
"SELECT * FROM users WHERE username = '{}' AND password = '{}'",
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Insecure login function with SQL injection vulnerability

The handle_login function constructs SQL queries using string formatting, making it vulnerable to SQL injection attacks. It also uses hardcoded credentials and logs passwords in plain text.

Suggested fix: Use parameterized queries to prevent SQL injection, implement proper authentication mechanisms, and avoid logging sensitive information like passwords.

*Scanner: code-review/convention | *

**[high] Insecure login function with SQL injection vulnerability** The `handle_login` function constructs SQL queries using string formatting, making it vulnerable to SQL injection attacks. It also uses hardcoded credentials and logs passwords in plain text. Suggested fix: Use parameterized queries to prevent SQL injection, implement proper authentication mechanisms, and avoid logging sensitive information like passwords. *Scanner: code-review/convention | *
test_endpoint.rs
@@ -0,0 +7,4 @@
"SELECT * FROM users WHERE username = '{}' AND password = '{}'",
username, password
);
println!("Running query: {}", query);
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] SQL injection vulnerability

The handle_login function constructs SQL queries using string formatting without proper sanitization, making it vulnerable to SQL injection attacks.

Suggested fix: Use parameterized queries instead of string formatting to prevent SQL injection

*Scanner: code-review/logic | *

**[high] SQL injection vulnerability** The handle_login function constructs SQL queries using string formatting without proper sanitization, making it vulnerable to SQL injection attacks. Suggested fix: Use parameterized queries instead of string formatting to prevent SQL injection *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[critical] SQL Injection Vulnerability

The handle_login function in test_endpoint.rs constructs SQL queries using string formatting without any sanitization or parameterization, making it vulnerable to SQL injection attacks.

Suggested fix: Use parameterized queries or an ORM with proper escaping to prevent SQL injection.

Scanner: code-review/security | CWE: CWE-89

**[critical] SQL Injection Vulnerability** The `handle_login` function in test_endpoint.rs constructs SQL queries using string formatting without any sanitization or parameterization, making it vulnerable to SQL injection attacks. Suggested fix: Use parameterized queries or an ORM with proper escaping to prevent SQL injection. *Scanner: code-review/security | CWE: CWE-89*
test_endpoint.rs
@@ -0,0 +14,4 @@
return true;
}
// Command injection vulnerability
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[critical] Hardcoded Credentials

The handle_login function contains hardcoded credentials for admin user, which is a severe security risk as these can be easily discovered and exploited.

Suggested fix: Remove hardcoded credentials and implement proper authentication mechanisms with secure credential storage.

Scanner: code-review/security | CWE: CWE-259

**[critical] Hardcoded Credentials** The `handle_login` function contains hardcoded credentials for admin user, which is a severe security risk as these can be easily discovered and exploited. Suggested fix: Remove hardcoded credentials and implement proper authentication mechanisms with secure credential storage. *Scanner: code-review/security | CWE: CWE-259*
test_endpoint.rs
@@ -0,0 +24,4 @@
// Storing password in plain text log
println!("Login attempt: user={}, pass={}", username, password);
false
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Command injection vulnerability

The handle_login function executes shell commands with user input directly embedded, creating a command injection vulnerability.

Suggested fix: Avoid executing shell commands with user input. Use safer alternatives or properly sanitize inputs.

*Scanner: code-review/logic | *

**[high] Command injection vulnerability** The handle_login function executes shell commands with user input directly embedded, creating a command injection vulnerability. Suggested fix: Avoid executing shell commands with user input. Use safer alternatives or properly sanitize inputs. *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[critical] Command Injection Vulnerability

The handle_login function executes shell commands with user-controlled input, creating a command injection vulnerability that could allow arbitrary command execution.

Suggested fix: Avoid executing shell commands with user input. Use safer alternatives or properly sanitize/escape inputs if absolutely necessary.

Scanner: code-review/security | CWE: CWE-78

**[critical] Command Injection Vulnerability** The `handle_login` function executes shell commands with user-controlled input, creating a command injection vulnerability that could allow arbitrary command execution. Suggested fix: Avoid executing shell commands with user input. Use safer alternatives or properly sanitize/escape inputs if absolutely necessary. *Scanner: code-review/security | CWE: CWE-78*
test_endpoint.rs
@@ -0,0 +28,4 @@
}
/// Process user data with no input validation
pub fn process_data(input: &str) -> String {
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Path traversal vulnerability in data processing

The process_data function directly interpolates user input into file paths without validation, creating a path traversal vulnerability that could allow unauthorized file access.

Suggested fix: Validate and sanitize user input before using it in file operations, and consider using a whitelist approach for allowed file paths.

*Scanner: code-review/convention | *

**[high] Path traversal vulnerability in data processing** The `process_data` function directly interpolates user input into file paths without validation, creating a path traversal vulnerability that could allow unauthorized file access. Suggested fix: Validate and sanitize user input before using it in file operations, and consider using a whitelist approach for allowed file paths. *Scanner: code-review/convention | *
test_endpoint.rs
@@ -0,0 +29,4 @@
/// Process user data with no input validation
pub fn process_data(input: &str) -> String {
// Path traversal vulnerability
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Plain text password logging

The handle_login function logs passwords in plain text, which is a security risk.

Suggested fix: Remove password logging or hash/sanitize the password before logging

*Scanner: code-review/logic | *

**[medium] Plain text password logging** The handle_login function logs passwords in plain text, which is a security risk. Suggested fix: Remove password logging or hash/sanitize the password before logging *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Sensitive Data Exposure in Logs

The handle_login function logs passwords in plain text, exposing sensitive information in application logs which could be accessed by unauthorized parties.

Suggested fix: Never log sensitive information like passwords. Remove logging of credentials entirely.

Scanner: code-review/security | CWE: CWE-532

**[high] Sensitive Data Exposure in Logs** The `handle_login` function logs passwords in plain text, exposing sensitive information in application logs which could be accessed by unauthorized parties. Suggested fix: Never log sensitive information like passwords. Remove logging of credentials entirely. *Scanner: code-review/security | CWE: CWE-532*
test_endpoint.rs
@@ -0,0 +37,4 @@
/// Super safe token generation
pub fn generate_token() -> String {
// Predictable "random" token
let token = "abc123fixedtoken";
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Path Traversal Vulnerability

The process_data function constructs file paths directly from user input without validation, allowing attackers to traverse the filesystem and access unauthorized files.

Suggested fix: Implement strict input validation and path normalization to prevent directory traversal attacks.

Scanner: code-review/security | CWE: CWE-22

**[high] Path Traversal Vulnerability** The `process_data` function constructs file paths directly from user input without validation, allowing attackers to traverse the filesystem and access unauthorized files. Suggested fix: Implement strict input validation and path normalization to prevent directory traversal attacks. *Scanner: code-review/security | CWE: CWE-22*
test_endpoint.rs
@@ -0,0 +38,4 @@
pub fn generate_token() -> String {
// Predictable "random" token
let token = "abc123fixedtoken";
token.to_string()
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Path traversal vulnerability

The process_data function constructs file paths using user input directly, making it vulnerable to path traversal attacks.

Suggested fix: Validate and sanitize the input to prevent directory traversal attacks

*Scanner: code-review/logic | *

**[high] Path traversal vulnerability** The process_data function constructs file paths using user input directly, making it vulnerable to path traversal attacks. Suggested fix: Validate and sanitize the input to prevent directory traversal attacks *Scanner: code-review/logic | *
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Predictable token generation

The generate_token function returns a fixed, predictable token value, making it completely insecure for authentication purposes.

Suggested fix: Replace with a cryptographically secure random token generator.

*Scanner: code-review/convention | *

**[high] Predictable token generation** The `generate_token` function returns a fixed, predictable token value, making it completely insecure for authentication purposes. Suggested fix: Replace with a cryptographically secure random token generator. *Scanner: code-review/convention | *
test_endpoint.rs
@@ -0,0 +41,4 @@
token.to_string()
}
// Off-by-one error
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Predictable token generation

The generate_token function returns a fixed string 'abc123fixedtoken' instead of generating a truly random token. This creates a severe security vulnerability where tokens can be easily guessed or reproduced.

Suggested fix: Replace with proper cryptographic random token generation using a library like rand or secrecy crate to ensure tokens are unpredictable and secure.

*Scanner: code-review/complexity | *

**[high] Predictable token generation** The generate_token function returns a fixed string 'abc123fixedtoken' instead of generating a truly random token. This creates a severe security vulnerability where tokens can be easily guessed or reproduced. Suggested fix: Replace with proper cryptographic random token generation using a library like `rand` or `secrecy` crate to ensure tokens are unpredictable and secure. *Scanner: code-review/complexity | *
test_endpoint.rs
@@ -0,0 +44,4 @@
// Off-by-one error
pub fn get_items(items: &[String], count: usize) -> Vec<&String> {
let mut result = Vec::new();
for i in 0..=count {
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[critical] Predictable Token Generation

The generate_token function returns a fixed, predictable token value, making it extremely insecure for authentication purposes.

Suggested fix: Use cryptographically secure random number generation for token creation instead of hardcoding values.

Scanner: code-review/security | CWE: CWE-330

**[critical] Predictable Token Generation** The `generate_token` function returns a fixed, predictable token value, making it extremely insecure for authentication purposes. Suggested fix: Use cryptographically secure random number generation for token creation instead of hardcoding values. *Scanner: code-review/security | CWE: CWE-330*
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Off-by-one error in array indexing

The get_items function uses 0..=count instead of 0..count, which can cause an out-of-bounds access when count equals the length of the items slice.

Suggested fix: Change 0..=count to 0..count to prevent accessing beyond the slice bounds.

*Scanner: code-review/convention | *

**[high] Off-by-one error in array indexing** The `get_items` function uses `0..=count` instead of `0..count`, which can cause an out-of-bounds access when `count` equals the length of the items slice. Suggested fix: Change `0..=count` to `0..count` to prevent accessing beyond the slice bounds. *Scanner: code-review/convention | *
test_endpoint.rs
@@ -0,0 +47,4 @@
for i in 0..=count {
result.push(&items[i]);
}
result
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Predictable token generation

The generate_token function uses a fixed string as token, making it completely predictable and insecure.

Suggested fix: Use cryptographically secure random number generation for token creation

*Scanner: code-review/logic | *

**[high] Predictable token generation** The generate_token function uses a fixed string as token, making it completely predictable and insecure. Suggested fix: Use cryptographically secure random number generation for token creation *Scanner: code-review/logic | *
test_endpoint.rs
@@ -0,0 +48,4 @@
result.push(&items[i]);
}
result
}
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Off-by-one error in array access

The get_items function uses inclusive range (0..=count) which will cause an out-of-bounds panic when count equals the length of items. This is a classic off-by-one error that would crash the application.

Suggested fix: Change the range to 0..count to prevent accessing beyond the array bounds. Add bounds checking or use safe indexing methods.

*Scanner: code-review/complexity | *

**[high] Off-by-one error in array access** The get_items function uses inclusive range (0..=count) which will cause an out-of-bounds panic when count equals the length of items. This is a classic off-by-one error that would crash the application. Suggested fix: Change the range to 0..count to prevent accessing beyond the array bounds. Add bounds checking or use safe indexing methods. *Scanner: code-review/complexity | *
test_endpoint.rs
@@ -0,0 +50,4 @@
result
}
// Unused variables, deeply nested logic, too many params
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Unnecessary complexity and unused variables

The do_everything function has deeply nested conditional logic and many unused parameters, making it hard to read and maintain.

Suggested fix: Simplify the nested conditions and remove unused parameters to improve readability and maintainability.

*Scanner: code-review/convention | *

**[medium] Unnecessary complexity and unused variables** The `do_everything` function has deeply nested conditional logic and many unused parameters, making it hard to read and maintain. Suggested fix: Simplify the nested conditions and remove unused parameters to improve readability and maintainability. *Scanner: code-review/convention | *
test_endpoint.rs
@@ -0,0 +51,4 @@
}
// Unused variables, deeply nested logic, too many params
pub fn do_everything(
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Off-by-one Error

The get_items function has an off-by-one error in its loop condition that can cause buffer overflows when accessing array elements beyond bounds.

Suggested fix: Fix the loop condition to properly handle array bounds checking to prevent memory corruption.

Scanner: code-review/security | CWE: CWE-129

**[high] Off-by-one Error** The `get_items` function has an off-by-one error in its loop condition that can cause buffer overflows when accessing array elements beyond bounds. Suggested fix: Fix the loop condition to properly handle array bounds checking to prevent memory corruption. *Scanner: code-review/security | CWE: CWE-129*
test_endpoint.rs
@@ -0,0 +54,4 @@
pub fn do_everything(
a: i32, b: i32, c: i32, d: i32, e: i32, f: i32, g: i32,
) -> i32 {
let _unused = a + b;
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Function with excessive parameters

The do_everything function takes 7 parameters which makes it hard to understand, test, and maintain. Functions with more than 5 parameters typically indicate they're doing too much and should be refactored.

Suggested fix: Consider grouping related parameters into structs or reducing the number of parameters by extracting functionality into smaller, focused functions.

*Scanner: code-review/complexity | *

**[high] Function with excessive parameters** The do_everything function takes 7 parameters which makes it hard to understand, test, and maintain. Functions with more than 5 parameters typically indicate they're doing too much and should be refactored. Suggested fix: Consider grouping related parameters into structs or reducing the number of parameters by extracting functionality into smaller, focused functions. *Scanner: code-review/complexity | *
test_endpoint.rs
@@ -0,0 +58,4 @@
let _also_unused = c * d;
if a > 0 {
if b > 0 {
if c > 0 {
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Deeply nested conditional logic

The do_everything function has 5 levels of nested if statements which makes the logic extremely difficult to follow and maintain. This increases the likelihood of logical errors and makes debugging challenging.

Suggested fix: Refactor the nested conditions into early returns or extract the logic into separate functions with clear responsibilities. Consider using match expressions or guard clauses to flatten the nesting.

*Scanner: code-review/complexity | *

**[high] Deeply nested conditional logic** The do_everything function has 5 levels of nested if statements which makes the logic extremely difficult to follow and maintain. This increases the likelihood of logical errors and makes debugging challenging. Suggested fix: Refactor the nested conditions into early returns or extract the logic into separate functions with clear responsibilities. Consider using match expressions or guard clauses to flatten the nesting. *Scanner: code-review/complexity | *
test_endpoint.rs
@@ -0,0 +59,4 @@
if a > 0 {
if b > 0 {
if c > 0 {
if d > 0 {
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[high] Off-by-one error in get_items function

The loop condition 0..=count should be 0..count to avoid accessing index out of bounds when count equals the length of items array.

Suggested fix: Change for i in 0..=count to for i in 0..count

*Scanner: code-review/logic | *

**[high] Off-by-one error in get_items function** The loop condition `0..=count` should be `0..count` to avoid accessing index out of bounds when count equals the length of items array. Suggested fix: Change `for i in 0..=count` to `for i in 0..count` *Scanner: code-review/logic | *
test_endpoint.rs
@@ -0,0 +63,4 @@
if e > 0 {
return f + g;
}
}
sharang commented 2026-03-25 19:30:06 +00:00
Author
Owner
Copy Link

[medium] Unreachable code due to early return

The do_everything function has deeply nested if statements where the final return statement is unreachable due to early returns.

Suggested fix: Simplify the nested conditions or restructure to make the logic clearer and ensure all paths are reachable

*Scanner: code-review/logic | *

**[medium] Unreachable code due to early return** The do_everything function has deeply nested if statements where the final return statement is unreachable due to early returns. Suggested fix: Simplify the nested conditions or restructure to make the logic clearer and ensure all paths are reachable *Scanner: code-review/logic | *
Some checks failed
CI / Check (pull_request) Failing after 5m8s
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
Checking for merge conflicts…
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin test/dummy-bad-code:test/dummy-bad-code
git checkout test/dummy-bad-code
Sign in to join this conversation.
Reviewers
No Reviewers
sharang
Labels
Clear labels
bug
critical
enhancement
high
infrastructure
performance
security
v0.3.0
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
sharang
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sharang/compliance-scanner-agent#23
Delete Branch "test/dummy-bad-code"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?