DR-112 - New Feature #29
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| } | ||
| public void save(Sale sale) { | ||
| String sql = "INSERT INTO SALES (item, quantity, amount) VALUES ('" + sale.getItem() + "', " + sale.getQuantity() + ", " + sale.getAmount() + ")"; | ||
| jdbcTemplate.update(sql); |
Check failure
Code scanning / CodeQL
Query built from user-controlled sources High
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request includes changes to the GitHub Actions workflow file
.github/workflows/ci.yml,pom.xml,src/main/java/net/codejava/SalesDAO.java, andsrc/main/resources/static/js/styles.js. The changes mainly involve the renaming and simplification of debugging steps, addition of JavaScript as a language in the CodeQL analysis, downgrading of CodeQL and Autobuild actions, modification of the test splitting glob pattern, removal of the publish-test-results job, and changes in the save method inSalesDAO.java. Additionally, a new dependency was added topom.xmland the color scheme instyles.jswas updated.CI Workflow modifications:
.github/workflows/ci.yml: Renamed thessh_debug_enabledinput todebug_enabledand updated its description..github/workflows/ci.yml: Added 'javascript' to thelanguagematrix..github/workflows/ci.yml: Downgraded the version ofgithub/codeql-action/init,github/codeql-action/autobuild, andgithub/codeql-action/analyzefrom v3 to v2. [1] [2].github/workflows/ci.yml: Updated theifcondition in theSetup tmate sessionstep to use the newdebug_enabledinput..github/workflows/ci.yml: Removed thepublish-test-resultsjob..github/workflows/ci.yml: Removed thedebuginput from thewithsection of thedeploy-to-awsjob.Addition of a new dependency:
pom.xml: Added a new dependency forspring-security-core.Changes in the
SalesDAO.javafile:src/main/java/net/codejava/SalesDAO.java: Simplified thesavemethod by removing the checks for duplicate keys and null values, and changed the SQL statement.Changes in the
styles.jsfile:src/main/resources/static/js/styles.js: Changed the color of headers when the search feature is enabled.