Skip to content

PN-15946 - common version update + getQuickAccessLink implemented new… #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 11 commits into
base: develop
Choose a base branch
from
Open

PN-15946 - common version update + getQuickAccessLink implemented new… #28

wants to merge 11 commits into from

Conversation

CaradonnaMa
Copy link
Collaborator

… qr generation + ecs policy added parameter

@CaradonnaMa CaradonnaMa requested review from a team as code owners August 5, 2025 07:36
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 6, 2025
View reviewed changes
src/main/java/it/pagopa/pn/deliverypushworkflow/legalfacts/LegalFactGeneratorTemplates.java
private String getQuickAccessLink(NotificationRecipientInt recipient, String quickAccess) {
UrlData urlData = new UrlData();
urlData.setRecipientType(it.pagopa.pn.commons.utils.qr.models.RecipientTypeInt.valueOf(recipient.getRecipientType().name()));
log.debug("getQrCodeQuickAccessUrlAarDetail: {}", quickAccess);

Check failure

Code scanning / CodeQL

Insertion of sensitive information into log files High

This
potentially sensitive information
Loading
is written to a log file.
This
potentially sensitive information
Loading
is written to a log file.
This
potentially sensitive information
Loading
is written to a log file.

Copilot Autofix

AI 20 days ago

To fix the problem, we should avoid logging the value of quickAccessToken (or quickAccess) directly. Instead, the log statement should be modified to either remove the token entirely or replace it with a generic message that does not expose sensitive data. The log line at 412 should be changed from:

log.debug("getQrCodeQuickAccessUrlAarDetail: {}", quickAccess);

to something like:

log.debug("getQrCodeQuickAccessUrlAarDetail called");

This preserves the intent of logging the method invocation for debugging purposes without leaking sensitive information. No additional imports or method changes are required.

Suggested changeset 1
src/main/java/it/pagopa/pn/deliverypushworkflow/legalfacts/LegalFactGeneratorTemplates.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/main/java/it/pagopa/pn/deliverypushworkflow/legalfacts/LegalFactGeneratorTemplates.java b/src/main/java/it/pagopa/pn/deliverypushworkflow/legalfacts/LegalFactGeneratorTemplates.java
--- a/src/main/java/it/pagopa/pn/deliverypushworkflow/legalfacts/LegalFactGeneratorTemplates.java
+++ b/src/main/java/it/pagopa/pn/deliverypushworkflow/legalfacts/LegalFactGeneratorTemplates.java
@@ -411,3 +411,3 @@
         urlData.setRecipientType(it.pagopa.pn.commons.utils.qr.models.RecipientTypeInt.valueOf(recipient.getRecipientType().name()));
-        log.debug("getQrCodeQuickAccessUrlAarDetail: {}", quickAccess);
+        log.debug("getQrCodeQuickAccessUrlAarDetail called");
         return qrUrlCodecService.encode(quickAccess, urlData);
EOF
@@ -411,3 +411,3 @@
urlData.setRecipientType(it.pagopa.pn.commons.utils.qr.models.RecipientTypeInt.valueOf(recipient.getRecipientType().name()));
log.debug("getQrCodeQuickAccessUrlAarDetail: {}", quickAccess);
log.debug("getQrCodeQuickAccessUrlAarDetail called");
return qrUrlCodecService.encode(quickAccess, urlData);
Copilot is powered by AI and may make mistakes. Always verify output.
@abertu75 abertu75 self-requested a review August 6, 2025 13:41
abertu75
abertu75 previously approved these changes Aug 6, 2025
View reviewed changes
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 7, 2025

Quality Gate Passed Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abertu75 abertu75 abertu75 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@CaradonnaMa @abertu75 @empassaro