
Conversation

@TamaraFinogina
Contributor

Style changes after running yarn format

}

console.log(rawClient, rawVersion)
console.log(rawClient, rawVersion);

Check failure

Code scanning / CodeQL

Use of externally-controlled format string High

Format string depends on a user-provided value.

Copilot Autofix

AI about 14 hours ago

In general, to fix format-string issues, avoid using untrusted data as the format string itself. Instead, use a constant format string (for example, "%s") and pass untrusted data as subsequent arguments, or sanitize/escape % characters in the untrusted input.

In this specific case, we can keep the same logging behavior while ensuring user input does not become the format string by introducing a static, literal format string and passing both rawClient and rawVersion as values for %s placeholders. For example, replace console.log(rawClient, rawVersion); with console.log('internxt headers: client=%s version=%s', rawClient, rawVersion);. This preserves logging of both values and prevents rawClient from being interpreted as a format string, because the format string is now the trusted literal 'internxt headers: client=%s version=%s'.

Only one line in src/lib/newrelic.interceptor.ts needs to change, and no new imports or helper methods are required.

Suggested changeset 1
src/lib/newrelic.interceptor.ts

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/lib/newrelic.interceptor.ts b/src/lib/newrelic.interceptor.ts
--- a/src/lib/newrelic.interceptor.ts
+++ b/src/lib/newrelic.interceptor.ts
@@ -37,7 +37,7 @@
       );
     }
 
-    console.log(rawClient, rawVersion);
+    console.log('internxt headers: client=%s version=%s', rawClient, rawVersion);
 
     return next.handle();
   }
EOF
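Review bot: the literal format string in `+    console.log('internxt headers: client=%s version=%s', rawClient, rawVersion);` does resolve the CodeQL finding, because Node's console.log hands its first argument to util.format, where a header-derived value (the literal's own wording calls them headers) containing `%s`, `%d` or `%c` would consume or swallow the arguments that follow it. What the hunk leaves open is whether this console.log belongs in src/lib/newrelic.interceptor.ts at all, and, if it stays, that both values are still written verbatim: consider bounding their length and stripping CR/LF before logging so a single request cannot forge additional log lines.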
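To make the finding concrete, here is an added example (not code from the PR or from the Internxt repository) that reproduces with util.format what console.log does to its first argument; the header values, the function names and the extra control-character stripping in logLineHardened are constructed assumptions that go one step beyond the autofix.

```typescript
import { format } from "util";

// Constructed stand-ins for rawClient / rawVersion. The client string
// deliberately carries printf-style directives, as a request header could.
export const RAW_CLIENT = "drive-web %s build %d";
export const RAW_VERSION = "2.1.0";

// Before the autofix: the first argument becomes the format string.
// util.format is what console.log applies, so the returned string is
// exactly what would have been written to the log.
export function logLineUnsafe(rawClient: string, rawVersion: string): string {
  return format(rawClient, rawVersion);
}

// After the autofix: a trusted literal is the format string and both
// values are substituted into %s placeholders, directives and all.
export function logLineSafe(rawClient: string, rawVersion: string): string {
  return format("internxt headers: client=%s version=%s", rawClient, rawVersion);
}

// Assumed extra hardening (not part of the PR): replace control characters
// and cap the length so a header cannot inject line breaks into the log.
export function logLineHardened(rawClient: string, rawVersion: string): string {
  const clean = (v: string) => v.replace(/[\x00-\x1f\x7f]/g, "?").slice(0, 128);
  return format("internxt headers: client=%s version=%s", clean(rawClient), clean(rawVersion));
}

// Unsafe: "%s" swallows the version into the client field and "%d" is left
// dangling, so the log line no longer says what was actually received.
console.log(logLineUnsafe(RAW_CLIENT, RAW_VERSION));
// Safe: both values appear verbatim in their own fields.
console.log(logLineSafe(RAW_CLIENT, RAW_VERSION));
console.log(logLineHardened("web\r\nforged line", RAW_VERSION));
```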
@sonarqubecloud

Quality Gate failed

Failed conditions
5 Security Hotspots
73.7% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud
