Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat/merge in system text json branch; fixes #262 #354

Open
wants to merge 35 commits into
base: development
Choose a base branch
from
Open

Feat/merge in system text json branch; fixes #262 #354

wants to merge 35 commits into from

Conversation

lxatstariongroup
Copy link
Contributor

Prerequisites

  • I have written a descriptive pull-request title
  • I have verified that there are no overlapping pull-requests open
  • I have verified that I am following the COMET-SDK code style guidelines
  • I have provided test coverage for my change (where applicable)

Description

[WIP] Feat/merge in system text json branch

antoineatrhea and others added 20 commits March 21, 2024 14:37
Fix #262: Moved from Newtonsoft.Json to System.Text.Json
a626887
Fix SQ issues
b6ad0cb
Update README
3493e78
Fix SQ issue
843b096
space indentation and encoding in all csproj file + versionbump script
721771b
Missing method on ICDP4JsonSerializer interface
f1aee5c
Added Deserialize from string
bb9e07a
added snupkg
585d6fb
PostOperation is concrete class now
160c208
Improved deserialization of postoperation
09d9365
Remove useless constructor of PostOperation
f155be5
Requested changes, fix build and improved PropertySerialization
ebafaa4
Fix deserialization of OrderedItem
b1227a4
Remove default value for IgnoreCopyProperty for PostOperation serialize
3b03b1f
Missing README in CDP4JsonSerializer
0665703
Initial commit containing only codegen Serializer and Resolver classes
c11aa53
Merge branch 'feat/gh262-system-text-json-serializer' into feat/merge…
69c87ef 
…-in-system-text-json-branch
Bump version number and fix errors
64d2721
Story so far
f7ddc66
Finetuning
10cfdfc
@lxatstariongroup lxatstariongroup self-assigned this Nov 5, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 5, 2024
View reviewed changes
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
emailAddress.ModifiedOn = jObject["modifiedOn"].ToObject<DateTime>();
if(modifiedOnProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.

Copilot Autofix AI 15 days ago

To fix the problem, we should avoid logging the Iid directly. Instead, we can log a generic message that does not include any sensitive information. This way, we can still keep track of the event without exposing private data.

  • Replace the logging statements that include emailAddress.Iid with a more generic message.
  • Ensure that no sensitive information is logged.
Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
@@ -88,3 +88,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale modifiedOn property of an emailAddress is null");
                 }
@@ -100,3 +100,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale thingPreference property of an emailAddress is null");
                 }
@@ -112,3 +112,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale value property of an emailAddress is null");
                 }
@@ -124,3 +124,3 @@
                 {
-                    Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale vcardType property of an emailAddress is null");
                 }
EOF
@@ -88,3 +88,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale modifiedOn property of an emailAddress is null");
}
@@ -100,3 +100,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale thingPreference property of an emailAddress is null");
}
@@ -112,3 +112,3 @@
{
Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale value property of an emailAddress is null");
}
@@ -124,3 +124,3 @@
{
Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale vcardType property of an emailAddress is null");
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
emailAddress.ThingPreference = jObject["thingPreference"].ToObject<string>();
if(thingPreferenceProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.

Copilot Autofix AI 15 days ago

To fix the problem, we should avoid logging sensitive information directly. Instead, we can log a generic message without including the sensitive emailAddress.Iid. This way, we still get the benefit of logging without exposing private data.

  • Modify the logging statements to remove the inclusion of emailAddress.Iid.
  • Ensure that the log messages are still informative enough for debugging purposes without exposing sensitive information.
Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
@@ -88,3 +88,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale modifiedOn property of an emailAddress is null");
                 }
@@ -100,3 +100,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale thingPreference property of an emailAddress is null");
                 }
@@ -112,3 +112,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale value property of an emailAddress is null");
                 }
@@ -124,3 +124,3 @@
                 {
-                    Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale vcardType property of an emailAddress is null");
                 }
EOF
@@ -88,3 +88,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale modifiedOn property of an emailAddress is null");
}
@@ -100,3 +100,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale thingPreference property of an emailAddress is null");
}
@@ -112,3 +112,3 @@
{
Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale value property of an emailAddress is null");
}
@@ -124,3 +124,3 @@
{
Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale vcardType property of an emailAddress is null");
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
emailAddress.Value = jObject["value"].ToObject<string>();
if(valueProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.

Copilot Autofix AI 15 days ago

To fix the problem, we should avoid logging sensitive information such as emailAddress.Iid. Instead, we can log a generic message that does not include any sensitive data. This change will ensure that private information is not exposed through log files.

  • Modify the Logger.Trace calls to remove the inclusion of emailAddress.Iid.
  • Update the log messages to be more generic and not include any sensitive information.
Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
@@ -88,3 +88,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale modifiedOn property of an emailAddress is null");
                 }
@@ -100,3 +100,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale thingPreference property of an emailAddress is null");
                 }
@@ -112,3 +112,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale value property of an emailAddress is null");
                 }
@@ -124,3 +124,3 @@
                 {
-                    Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale vcardType property of an emailAddress is null");
                 }
EOF
@@ -88,3 +88,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale modifiedOn property of an emailAddress is null");
}
@@ -100,3 +100,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale thingPreference property of an emailAddress is null");
}
@@ -112,3 +112,3 @@
{
Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale value property of an emailAddress is null");
}
@@ -124,3 +124,3 @@
{
Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale vcardType property of an emailAddress is null");
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
emailAddress.VcardType = jObject["vcardType"].ToObject<VcardEmailAddressKind>();
if(vcardTypeProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.
Private data returned by
access to local variable emailAddress
Loading
is written to an external location.

Copilot Autofix AI 15 days ago

To fix the problem, we should avoid logging the Iid directly. Instead, we can log a sanitized or masked version of the Iid to ensure that sensitive information is not exposed. This can be achieved by hashing the Iid before logging it. We will use a cryptographic hash function to generate a fixed-length hash of the Iid, which will be logged instead of the raw Iid.

Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/EmailAddressResolver.cs
@@ -32,2 +32,4 @@
     using System.Text.Json;
+    using System.Security.Cryptography;
+    using System.Text;
 
@@ -47,2 +49,11 @@
 
+        private static string HashIid(Guid iid)
+        {
+            using (var sha256 = SHA256.Create())
+            {
+                var hashBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(iid.ToString()));
+                return Convert.ToBase64String(hashBytes);
+            }
+        }
+
         /// <summary>
@@ -88,3 +99,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
                 }
@@ -100,3 +111,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
                 }
@@ -112,3 +123,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
                 }
@@ -124,3 +135,3 @@
                 {
-                    Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
+                    Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
                 }
EOF
@@ -32,2 +32,4 @@
using System.Text.Json;
using System.Security.Cryptography;
using System.Text;

@@ -47,2 +49,11 @@

private static string HashIid(Guid iid)
{
using (var sha256 = SHA256.Create())
{
var hashBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(iid.ToString()));
return Convert.ToBase64String(hashBytes);
}
}

/// <summary>
@@ -88,3 +99,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale modifiedOn property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
}
@@ -100,3 +111,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale thingPreference property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
}
@@ -112,3 +123,3 @@
{
Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale value property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
}
@@ -124,3 +135,3 @@
{
Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", emailAddress.Iid);
Logger.Trace("The non-nullabale vcardType property of the emailAddress {id} is null", HashIid(emailAddress.Iid));
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@lxatstariongroup lxatstariongroup changed the title [WIP] Feat/merge in system text json branch Feat/merge in system text json branch; fixes #262 Nov 19, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 21, 2024
View reviewed changes
CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
telephoneNumber.ModifiedOn = jObject["modifiedOn"].ToObject<DateTime>();
if(modifiedOnProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.

Copilot Autofix AI 12 days ago

To fix the problem, we need to ensure that sensitive information is not logged. We can achieve this by either removing the logging statement or by masking the sensitive information before logging it. In this case, we will remove the logging statement to prevent any potential exposure of private information.

Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
@@ -88,3 +88,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    // The non-nullabale modifiedOn property of the telephoneNumber is null
                 }
@@ -100,3 +100,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    // The non-nullabale thingPreference property of the telephoneNumber is null
                 }
@@ -112,3 +112,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    // The non-nullabale value property of the telephoneNumber is null
                 }
EOF
@@ -88,3 +88,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);
// The non-nullabale modifiedOn property of the telephoneNumber is null
}
@@ -100,3 +100,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);
// The non-nullabale thingPreference property of the telephoneNumber is null
}
@@ -112,3 +112,3 @@
{
Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);
// The non-nullabale value property of the telephoneNumber is null
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
telephoneNumber.ThingPreference = jObject["thingPreference"].ToObject<string>();
if(thingPreferenceProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.

Copilot Autofix AI 12 days ago

To fix the problem, we should avoid logging the telephoneNumber.Iid directly. Instead, we can log a generic message that does not include potentially sensitive information. This way, we maintain the logging functionality without risking the exposure of private data.

  • Replace the logging statements that include telephoneNumber.Iid with more generic messages.
  • Ensure that the new logging messages do not contain any sensitive information.
Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
@@ -88,3 +88,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    Logger.Trace("The non-nullabale modifiedOn property of a telephoneNumber is null");
                 }
@@ -100,3 +100,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    Logger.Trace("The non-nullabale thingPreference property of a telephoneNumber is null");
                 }
@@ -112,3 +112,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    Logger.Trace("The non-nullabale value property of a telephoneNumber is null");
                 }
EOF
@@ -88,3 +88,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);
Logger.Trace("The non-nullabale modifiedOn property of a telephoneNumber is null");
}
@@ -100,3 +100,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);
Logger.Trace("The non-nullabale thingPreference property of a telephoneNumber is null");
}
@@ -112,3 +112,3 @@
{
Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);
Logger.Trace("The non-nullabale value property of a telephoneNumber is null");
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
telephoneNumber.Value = jObject["value"].ToObject<string>();
if(valueProperty.ValueKind == JsonValueKind.Null)
{
Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);

Check warning

Code scanning / CodeQL

Exposure of private information Medium

Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.
Private data returned by
access to local variable telephoneNumber
Loading
is written to an external location.

Copilot Autofix AI 12 days ago

To fix the problem, we need to ensure that sensitive information is not logged. One way to achieve this is by redacting or omitting the sensitive information from the log messages. In this case, we can avoid logging the telephoneNumber.Iid directly.

  • Identify the lines where sensitive information is logged.
  • Modify the log messages to exclude sensitive information or replace it with a non-sensitive placeholder.
  • Ensure that the changes do not affect the existing functionality of the code.
Suggested changeset 1
CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs b/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
--- a/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
+++ b/CDP4JsonSerializer/AutoGenDtoDeserializer/TelephoneNumberResolver.cs
@@ -88,3 +88,3 @@
                 {
-                    Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber is null");
                 }
@@ -100,3 +100,3 @@
                 {
-                    Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber is null");
                 }
@@ -112,3 +112,3 @@
                 {
-                    Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);
+                    Logger.Trace("The non-nullabale value property of the telephoneNumber is null");
                 }
EOF
@@ -88,3 +88,3 @@
{
Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber {id} is null", telephoneNumber.Iid);
Logger.Trace("The non-nullabale modifiedOn property of the telephoneNumber is null");
}
@@ -100,3 +100,3 @@
{
Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber {id} is null", telephoneNumber.Iid);
Logger.Trace("The non-nullabale thingPreference property of the telephoneNumber is null");
}
@@ -112,3 +112,3 @@
{
Logger.Trace("The non-nullabale value property of the telephoneNumber {id} is null", telephoneNumber.Iid);
Logger.Trace("The non-nullabale value property of the telephoneNumber is null");
}
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Nov 21, 2024

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
72.4% Coverage on New Code
7.8% Duplication on New Code

See analysis details on SonarQube Cloud

samatstariongroup
samatstariongroup requested changes Nov 21, 2024
View reviewed changes
CDP4Dal/CDPMessageBus.cs Outdated Show resolved Hide resolved
CDP4DalCommon/Protocol/Tasks/CometTask.cs Outdated Show resolved Hide resolved
CDP4ServicesDal/CdpServicesDal.cs Outdated Show resolved Hide resolved
CDP4DalJsonSerializer/CDP4DalJsonSerializer.csproj Outdated Show resolved Hide resolved
Alexander van Delft added 3 commits November 22, 2024 10:26
@lxatstariongroup lxatstariongroup marked this pull request as ready for review November 26, 2024 16:31
samatstariongroup
samatstariongroup requested changes Nov 27, 2024
View reviewed changes
CDP4Dal/Assembler.cs Show resolved Hide resolved
CDP4JsonSerializer/SerializerOptions.cs Outdated Show resolved Hide resolved
CDP4ServicesDal/CdpServicesDal.cs Outdated Show resolved Hide resolved
CDP4Dal.NetCore.Tests/Operations/PostOperationTestFixture.cs Show resolved Hide resolved
CDP4Dal.Tests/Operations/PostOperationTestFixture.cs Show resolved Hide resolved
CDP4JsonSerializer.Tests/PostOperation/CdpPostOperation.cs Outdated Show resolved Hide resolved
CDP4JsonSerializer/AutoGenDtoSerializer/PersonPermissionSerializer.cs Outdated Show resolved Hide resolved
CDP4JsonSerializer/CDP4JsonSerializer.csproj Outdated Show resolved Hide resolved
CDP4JsonSerializer/Cdp4JsonSerializer.cs Outdated Show resolved Hide resolved
CDP4ServicesDal/CDP4ServicesDal.csproj Show resolved Hide resolved
Alexander van Delft added 3 commits November 27, 2024 12:15
- use PostOperation where possible
64abba5 
- Use same unit JsoinSerializer tests for Net and NetCore
- Add extra datamodel version checks to JsonSerializers
- use Microsoft.AspNet.WebApi.Client instead of System.Net.Http.Forma…
e4da0af 
…tting.Extension
- Refactor creation of default JsonSerializerOptions
2022268
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samatstariongroup samatstariongroup samatstariongroup requested changes

@antoineatstariongroup antoineatstariongroup Awaiting requested review from antoineatstariongroup

Assignees

@lxatstariongroup lxatstariongroup

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lxatstariongroup @samatstariongroup @antoineatstariongroup