Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

suppressing CodeQL.SM02196 #3876

Open
wants to merge 2 commits into
base: v4.x
Choose a base branch
from
Open

suppressing CodeQL.SM02196 #3876

wants to merge 2 commits into from

Conversation

soninaren
Copy link
Member

We calculate md5 for a blob before uploading a zip package for run from package. This is validated against the precalculated md5 from blob client on azure to ensure the full zip file got uploaded.
We cannot change this as blob client provides md5 out of the box.

  • My changes do not require documentation changes
    • Otherwise: Documentation issue linked to PR
  • My changes do not need to be backported to a previous version
    • Otherwise: Backport tracked by issue/PR #issue_or_pr
  • I have added all required tests (Unit tests, E2E tests)

@soninaren soninaren requested a review from a team as a code owner October 9, 2024 21:17
liliankasem
liliankasem reviewed Oct 16, 2024
View reviewed changes
src/Azure.Functions.Cli/Helpers/SecurityHelpers.cs
@@ -121,6 +121,9 @@ internal static async Task<X509Certificate2> CreateCertificateOpenSSL()
return new X509Certificate2($"{certFileNames}certificate.pfx", DEFAULT_PASSWORD);
}


Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change

jviau
jviau reviewed Oct 17, 2024
View reviewed changes
src/Azure.Functions.Cli/Helpers/SecurityHelpers.cs
@@ -121,10 +121,9 @@ internal static async Task<X509Certificate2> CreateCertificateOpenSSL()
return new X509Certificate2($"{certFileNames}certificate.pfx", DEFAULT_PASSWORD);
}

// Suppressing CodeQL warning because this code is only used to validate blob content. Not used to encrypt any secrets

// CodeQL [SM02196] intent is to validate blob content. Not used to encrypt any secrets
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is on the wrong line. It needs to be on same line as using (var md5 = MD5.Create()) or be immediately above it.

// CodeQL [SM02196] intent is to validate blob content. Not used to encrypt any secrets
using (var md5 = MD5.Create())

OR

using (var md5 = MD5.Create()) // CodeQL [SM02196] intent is to validate blob content. Not used to encrypt any secrets

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liliankasem liliankasem liliankasem left review comments

@jviau jviau jviau left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@soninaren @liliankasem @jviau