Open 0neand0nly opened 1 year ago
This class doesn't have @WebListener
annotation, so it isn't actually used by web applications and you shouldn't care about it.
@grandinj
Do we really need these DbStarter
and JakartaDbStarter
in main sources? They look like code examples.
@katzyn I don't know
Hello, While I was trying to implement h2database for my personal project one function seemed to be vulnerable. According to my CI tool it states that JakartaDbStarter.java has issue of CWE-798: Use of Hardcoded Credentials : Do not hardcode credentials in code.
on the line: String url = getParameter(servletContext, "db.url", "jdbc:h2:~/test"); the jdbc:h2:~/test is considered to be credentials.
is it okay to use this?