studio/marathon
2
0
Fork 0
Code Issues 121 Pull Requests Actions Packages Projects Releases Wiki Activity

chore(libmarathon): add CodeQL suppression for database secret storage

Browse Source 
Add suppression comment for alert #4 (rust/cleartext-logging) at database.rs:506.
This is database persistence, not logging - the secret field must be stored
for session functionality. False positive will be dismissed in GitHub UI.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
Sienna Meridian Satterwhite
2026-02-07 13:10:40 +00:00
parent 303ea7d8e0
commit 841d758316
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
crates/libmarathon/src/persistence/database.rs
View File

@@ -503,6 +503,7 @@ pub fn save_session(conn: &mut Connection, session: &crate::networking::Session)
session.last_active, session.last_active,
session.entity_count as i64, session.entity_count as i64,
session.state.to_string(), session.state.to_string(),
// codeql[rust/cleartext-logging] - This is database persistence, not logging
session.secret.as_ref().map(|b| b.as_ref()), session.secret.as_ref().map(|b| b.as_ref()),
], ],
)?; )?;