Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat: MySQL check support #890

Merged
merged 2 commits into from
Oct 25, 2024
Merged

Feat: MySQL check support #890

merged 2 commits into from
Oct 25, 2024

Conversation

Fabio286
Copy link
Member

No description provided.

@Fabio286 Fabio286 linked an issue Oct 25, 2024 that may be closed by this pull request
@Fabio286 Fabio286 changed the base branch from master to develop October 25, 2024 16:33
@Fabio286 Fabio286 added the enhancement 🚀 New feature or request label Oct 25, 2024
@Fabio286 Fabio286 changed the title Feat: MuSQL check support Feat: MySQL check support Oct 25, 2024
@Fabio286 Fabio286 merged commit ccbcffc into develop Oct 25, 2024
1 check passed
@Fabio286 Fabio286 deleted the feat/mysql-check-support branch October 25, 2024 16:34
};

const addCheck = () => {
const uid = uidGen();

Check failure

Code scanning / CodeQL

Insecure randomness High

This uses a cryptographically insecure random number generated at
Math.random()
in a security context.

Copilot Autofix AI 30 days ago

To fix the problem, we need to replace the use of Math.random() in the uidGen function with a cryptographically secure random number generator. For Node.js, we can use the crypto module's randomBytes function to generate secure random values. This will ensure that the generated UIDs are not predictable.

  1. Modify the uidGen function in src/common/libs/uidGen.ts to use crypto.randomBytes instead of Math.random().
  2. Ensure that the generated random bytes are converted to a string format that matches the original implementation.
Suggested changeset 1
src/common/libs/uidGen.ts
Outside changed files

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/common/libs/uidGen.ts b/src/common/libs/uidGen.ts
--- a/src/common/libs/uidGen.ts
+++ b/src/common/libs/uidGen.ts
@@ -1,3 +1,6 @@
+import { randomBytes } from 'crypto';
+
 export function uidGen (prefix?: string) {
-   return (prefix ? `${prefix}:` : '') + Math.random().toString(36).substring(2, 11).toUpperCase();
+   const randomString = randomBytes(6).toString('base64').replace(/[^a-zA-Z0-9]/g, '').substring(0, 9).toUpperCase();
+   return (prefix ? `${prefix}:` : '') + randomString;
 }
EOF
@@ -1,3 +1,6 @@
import { randomBytes } from 'crypto';

export function uidGen (prefix?: string) {
return (prefix ? `${prefix}:` : '') + Math.random().toString(36).substring(2, 11).toUpperCase();
const randomString = randomBytes(6).toString('base64').replace(/[^a-zA-Z0-9]/g, '').substring(0, 9).toUpperCase();
return (prefix ? `${prefix}:` : '') + randomString;
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement 🚀 New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Support to CHECK constraints
1 participant