There are some medium alerts picked up by code scanning that we can patch out in the next version. https://github.com/UoMResearchIT/CapX/security/code-scanning
To fix the email logging ones we could just obscure the middle of the email address or something. In theory, the logs are only visible to the container at the moment but if we fix this by putting the logs into the file system then this opens them up but again only to users that can SSH into the machine so it is a negligible risk.
There are some medium alerts picked up by code scanning that we can patch out in the next version. https://github.com/UoMResearchIT/CapX/security/code-scanning
To fix the email logging ones we could just obscure the middle of the email address or something. In theory, the logs are only visible to the container at the moment but if we fix this by putting the logs into the file system then this opens them up but again only to users that can SSH into the machine so it is a negligible risk.