Fix CodeQL security vulnerabilities in CORS, JWT, logging, and GitHub Actions #53

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

PhantomDave merged 3 commits into main from copilot/fix-codeql-issues

Nov 14, 2025

Merged

Fix CodeQL security vulnerabilities in CORS, JWT, logging, and GitHub Actions #53

Fix potential token exposure in GitHub Actions workflow

Annotations

4 notices

Snapshot successfully created at 2025-11-14T23:09:30.180Z

{ "manifests": { "PhantomDave.BankTracking.Data/PhantomDave.BankTracking.Data.csproj": { "resolved": { "pkg:nuget/System.Composition.Convention@7.0.0": { "package_url": "pkg:nuget/System.Composition.Convention@7.0.0", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:nuget/System.Reflection.Metadata@7.0.0": { "package_url": "pkg:nuget/System.Reflection.Metadata@7.0.0", "relationship": "indirect", "scope": "development", "dependencies": [] }, "pkg:nuget/Mono.TextTemplating@3.0.0": { "package_url": "pkg:nuget/Mono.TextTemplating@3.0.0", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@9.0.11": { "package_url": "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@9.0.11", "relationship": "indirect", "scope": "runtime", "dependencies": [ "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@9.0.11", "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@9.0.11", "pkg:nuget/Microsoft.Extensions.DependencyInjection@9.0.11", "pkg:nuget/Microsoft.Extensions.Logging@9.0.11", "pkg:nuget/Microsoft.Extensions.Options@9.0.11", "pkg:nuget/Microsoft.EntityFrameworkCore.Abstractions@9.0.11", "pkg:nuget/Microsoft.Extensions.Caching.Abstractions@9.0.11", "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@9.0.11", "pkg:nuget/Microsoft.EntityFrameworkCore@9.0.11", "pkg:nuget/Microsoft.Extensions.Primitives@9.0.11", "pkg:nuget/Microsoft.Extensions.Caching.Memory@9.0.11", "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@9.0.11" ] }, "pkg:nuget/Microsoft.Build.Framework@17.8.3": { "package_url": "pkg:nuget/Microsoft.Build.Framework@17.8.3", "relationship": "indirect", "scope": "development", "dependencies": [] }, "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@9.0.11": { "package_url": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@9.0.11", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:nuget/Microsoft.CodeAnalysis.Workspaces.Common@4.8.0": { "package_url": "pkg:nuget/Microsoft.CodeAnalysis.Workspaces.Common@4.8.0", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@9.0.11": { "package_url": "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@9.0.11", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:nuget/Npgsql.EntityFrameworkCore.PostgreSQL@9.0.4": { "package_url": "pkg:nuget/Npgsql.EntityFrameworkCore.PostgreSQL@9.0.4", "relationship": "direct", "scope": "runtime", "dependencies": [ "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@9.0.11", "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@9.0.11", "pkg:

Submitting snapshot...

Using .NET SDK version: 10.0.100

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix CodeQL security vulnerabilities in CORS, JWT, logging, and GitHub Actions #53

Uh oh!

Uh oh!

Fix CodeQL security vulnerabilities in CORS, JWT, logging, and GitHub Actions #53

Uh oh!

Annotations

The logs for this run have expired and are no longer available.

Re-running jobs...