This security fix closes the hole in the API during GET requests that try to find items in the DB using user-provided SQL queries. The fix uses an SQL parser to cut out the expression and not allow any other statements to get through. So the interface was not changed, just improved from a security perspective.
In addition, it removes version duplication in code generation (openapi) & uses a cached oapi-codegen binary to separate dependency loading & build and improve the speed of code gen.
Related Issue
fixes: #33
How Has This Been Tested?
Automatically through unit and integration tests
Types of changes
[x] Bug fix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to change)
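The idea described above, accepting only a bare filter expression and refusing any other statement, can be sketched as follows. This is an added example, not code from this pull request: it swaps the SQL parser for a simpler token allowlist, assumes Go as the language, and the column names and `ValidateFilter` are hypothetical.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed allowlists: hypothetical column names, and the only keywords a filter may use.
var allowedColumns = map[string]bool{"name": true, "owner": true, "created_at": true}
var allowedKeywords = map[string]bool{"AND": true, "OR": true, "NOT": true, "LIKE": true, "IN": true, "IS": true, "NULL": true}

// One token per match: string literal, number, word, comparison operator, paren or comma.
// Backslashes inside strings are refused because some engines treat them as escapes.
var tokenRe = regexp.MustCompile(`^(?:'(?:[^'\\]|'')*'|\d+(?:\.\d+)?|[A-Za-z_][A-Za-z0-9_]*|<=|>=|<>|!=|[=<>]|[(),])`)

// ValidateFilter returns nil only when expr is built entirely from allowed tokens.
func ValidateFilter(expr string) error {
	depth, rest := 0, strings.TrimSpace(expr)
	if rest == "" {
		return fmt.Errorf("empty filter")
	}
	for rest != "" {
		tok := tokenRe.FindString(rest)
		if tok == "" { // ';', '--', '/*', double quotes and unterminated strings land here
			return fmt.Errorf("unexpected input at %q", rest)
		}
		switch c := tok[0]; {
		case tok == "(":
			depth++
		case tok == ")":
			if depth--; depth < 0 {
				return fmt.Errorf("unbalanced parenthesis")
			}
		case c == '_' || c >= 'A' && c <= 'Z' || c >= 'a' && c <= 'z':
			if !allowedKeywords[strings.ToUpper(tok)] && !allowedColumns[strings.ToLower(tok)] {
				return fmt.Errorf("word %q is not allowed", tok) // SELECT, UNION, DROP, functions
			}
		}
		rest = strings.TrimSpace(rest[len(tok):])
	}
	if depth != 0 {
		return fmt.Errorf("unbalanced parenthesis")
	}
	return nil
}

func main() { // constructed inputs: the first is accepted, the second is refused at ';'
	fmt.Println(ValidateFilter("name = 'alice' AND owner = 'bob'"), ValidateFilter("name = 'x'; DROP TABLE items"))
}
```

The allowlist checks tokens, not grammar, so the database still parses the accepted expression; values are best passed as bound parameters where the query layer allows it.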