dallay / lyra

SMRO
https://lyra-nwhm.onrender.com

fix: code scanning alert no. 167: Log Injection #354

Closed yacosta738 closed 1 month ago

yacosta738 commented 1 month ago

Fixes https://github.com/dallay/lyra/security/code-scanning/167

To fix the log injection issue, we need to sanitize the query.username before logging it. The best way to do this is to remove any potentially harmful characters, such as newlines, that could be used to forge log entries. We can use the replace method to replace newline characters with an empty string. This change should be made in the handle method of the AuthenticateUserQueryHandler class.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.
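The sanitization described in the comment above, as an added example that is not code from this PR or from the lyra project. JavaScript is used for illustration only; every function name and the sample username are hypothetical, and `sanitizeForLog` goes beyond the PR's newline removal by also stripping other control characters and Unicode line separators and capping the field length.

```javascript
// Constructed example; function and variable names are hypothetical.

// CR, LF and the other characters a log viewer may render as a line break,
// plus the remaining C0/C1 control characters.
const CONTROL_CHARS = /[\u0000-\u001f\u007f-\u009f\u2028\u2029]/g;

// The fix described in the PR: drop newline characters before logging.
function stripNewlines(value) {
  return String(value).replace(/[\r\n]/g, "");
}

// Broader variant (an assumption, not the PR's change): remove every control
// character and cap the length so one field cannot flood the log.
function sanitizeForLog(value, maxLength = 64) {
  const cleaned = String(value).replace(CONTROL_CHARS, "");
  return cleaned.length > maxLength ? cleaned.slice(0, maxLength) + "..." : cleaned;
}

// Stand-in for the handler's log statement: returns the text written to the log.
function formatLogEntry(username, sanitize = (v) => v) {
  return `INFO Authenticating user: ${sanitize(username)}`;
}

// Number of records a line-oriented log reader would see in the entry.
function countLogLines(entry) {
  return entry.split(/\r\n|[\r\n\u0085\u2028\u2029]/).length;
}

// Constructed input: a username carrying a forged second log record.
const forged = "alice\nINFO Authentication succeeded for user: admin";

console.log(countLogLines(formatLogEntry(forged)));                 // unsanitized
console.log(countLogLines(formatLogEntry(forged, stripNewlines)));  // PR fix
console.log(countLogLines(formatLogEntry(forged, sanitizeForLog))); // broader variant
```

Removing the line breaks keeps the whole value on one record, so a reader of the log can still see the attempted payload attached to the original entry.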

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 91.52%. Comparing base (05a2c01) to head (ce6d89d). Report is 1 commits behind head on main.

Additional details and impacted files

```diff
@@           Coverage Diff           @@
##             main     #354   +/-   ##
=======================================
  Coverage   91.52%   91.52%
=======================================
  Files         360      360
  Lines        4342     4343    +1
  Branches      374      374
=======================================
+ Hits         3974     3975    +1
  Misses        237      237
  Partials      131      131
```
