issues Search Results · language:Dune language:Python language:Java language:JavaScript language:JavaScript language:Java
55.4M results
Description
StringUtils.padRight() throws StringIndexOutOfBoundsException when the input string is longer than the target length.
Steps to Reproduce
StringUtils.padRight("long string", 5); // throws ...
Description
The custom sanitize() method in StringUtils only removes script tags but doesn't handle:
- img onerror=... payloads
- Event handlers (onload, onmouseover, etc.)
- URL-encoded payloads ...
Description
No static code analysis tools are configured. Bugs, style violations, and potential issues are only caught during code
review (if at all).
Requirements
- Add SpotBugs Maven plugin for ...
Description
The pom.xml includes mysql-connector-java (8.0.28) but the application uses H2 in-memory database. MySQL is not
configured or used.
<!-- TODO: someone added mysql but we never use it in prod ...
Description
There is no code coverage reporting configured. We have no visibility into which code is tested and which is not.
Requirements
- Add JaCoCo Maven plugin
- Generate coverage reports on ...
Description
The /api/tasks/search endpoint is vulnerable to SQL injection. The keyword parameter is directly concatenated into SQL
query string in DatabaseHelper.java.
Steps to Reproduce
1. Call GET ...
Description
The DateUtils.getQuarter() method returns quarter values 0-3 instead of the expected 1-4.
January returns 0 instead of 1, April returns 1 instead of 2, etc.
Root Cause
Calendar.MONTH is ...
Description
There is no code coverage reporting configured. We have no visibility into which code is tested and which is not.
Requirements
- Add JaCoCo Maven plugin
- Generate coverage reports on ...
Description
The pom.xml explicitly declares Jackson Databind 2.13.0, which conflicts with the version managed by Spring Boot 2.7.18
parent POM.
<!-- FIXME: jackson version conflict with spring boot parent ...
Description
DatabaseHelper.java uses a lazy singleton pattern without synchronization:
private static Connection connection = null;
public static Connection getConnection() {
if (connection == null) ...
