Skip to content

Alert autofix 8#27

Merged
jpstroop merged 2 commits intomainfrom
alert-autofix-8
Mar 18, 2025
Merged

Alert autofix 8#27
jpstroop merged 2 commits intomainfrom
alert-autofix-8

Conversation

@jpstroop
Copy link
Owner

@jpstroop jpstroop commented Mar 18, 2025

No description provided.

jpstroop and others added 2 commits March 18, 2025 16:13
@jpstroop @github-advanced-security
Potential fix for code scanning alert no. 8: Clear-text logging of se…
edae2e5 
…nsitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@jpstroop
Fix code scanning alert: Clear-text logging of sensitive information
e4c5aef 
Address security issue identified in:
https://github.com/jpstroop/fitbit-client-python/security/code-scanning/8

- Add docs/SECURITY.md with comprehensive guidance on debug mode security
- Add explicit security warnings to debug output in _base.py
- Update docstrings in debug-related methods to highlight security risks

Debug mode intentionally includes OAuth tokens for troubleshooting, but
now includes proper documentation and warnings about secure usage.
@codecov
Copy link

codecov bot commented Mar 18, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (5cd195f) to head (e4c5aef).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main       #27   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           34        34           
  Lines         1989      1994    +5     
  Branches       165       165           
=========================================
+ Hits          1989      1994    +5
Files with missing lines Coverage Δ
fitbit_client/resources/_base.py 100.00% <100.00%> (ø)
fitbit_client/utils/curl_debug_mixin.py 100.00% <ø> (ø)
🚀 New features to boost your workflow:
  • Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@jpstroop jpstroop merged commit 5080103 into main Mar 18, 2025
10 checks passed
@jpstroop jpstroop deleted the alert-autofix-8 branch March 18, 2025 20:59
jpstroop added a commit that referenced this pull request Mar 18, 2025
@jpstroop
Fix code scanning alert: Clear-text logging of sensitive information (#…
fa730a2 
…27)

Address security issue identified in:
https://github.com/jpstroop/fitbit-client-python/security/code-scanning/8

- Add docs/SECURITY.md with comprehensive guidance on debug mode security
- Add explicit security warnings to debug output in _base.py
- Update docstrings in debug-related methods to highlight security risks

Debug mode intentionally includes OAuth tokens for troubleshooting, but
now includes proper documentation and warnings about secure usage.
jpstroop added a commit that referenced this pull request Mar 18, 2025
@jpstroop
Fix code scanning alert: Clear-text logging of sensitive information (#…
40f9f0a 
…27)

Address security issue identified in:
https://github.com/jpstroop/fitbit-client-python/security/code-scanning/8

- Add docs/SECURITY.md with comprehensive guidance on debug mode security
- Add explicit security warnings to debug output in _base.py
- Update docstrings in debug-related methods to highlight security risks

Debug mode intentionally includes OAuth tokens for troubleshooting, but
now includes proper documentation and warnings about secure usage.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jpstroop