Skip to content

Fix code scanning alerts #1336

Description

@aharwood2

There are some medium alerts picked up by code scanning that we can patch out in the next version. https://github.com/UoMResearchIT/CapX/security/code-scanning

To fix the email logging ones we could just obscure the middle of the email address or something. In theory, the logs are only visible to the container at the moment but if we fix this by putting the logs into the file system then this opens them up but again only to users that can SSH into the machine so it is a negligible risk.

Metadata

Metadata

Assignees

No one assigned

    Labels

    security 🔒Related to the security of the application

    Type

    Fields

    No fields configured for Task.

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions