Implement DevSecOps4 page with GHAS 4.0 features and intentional vuln…

c770174
Draft

Implement DevSecOps4 page with GHAS 4.0 features and intentional security vulnerabilities #98

GitHub Advanced Security / CodeQL failed Aug 20, 2025 in 2s

19 new alerts including 5 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 5 high

Other Alerts:

  • 3 warnings
  • 11 notes

See annotations below for details.

Annotations

Check notice on line 38 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Inefficient use of ContainsKey Note

Inefficient use of 'ContainsKey' and indexer.

Check failure on line 39 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Log entries created from user input High

This log entry depends on a user-provided value.

Check notice on line 49 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Inefficient use of ContainsKey Note

Inefficient use of 'ContainsKey' and indexer.

Check failure on line 52 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Denial of Service from comparison of user input against expensive regex High

This regex operation with dangerous complexity depends on a user-provided value.

Check failure on line 53 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Log entries created from user input High

This log entry depends on a user-provided value.

Check notice on line 59 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check failure on line 58 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Log entries created from user input High

This log entry depends on a user-provided value.

Check notice on line 69 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Inefficient use of ContainsKey Note

Inefficient use of 'ContainsKey' and indexer.

Check failure on line 71 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Log entries created from user input High

This log entry depends on a user-provided value.

Check notice on line 76 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check warning on line 102 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Useless assignment to local variable Warning

This assignment to deserializedData is useless, since its value is never read.

Check warning on line 110 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Useless assignment to local variable Warning

This assignment to systemJsonData is useless, since its value is never read.

Check notice on line 117 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check warning on line 143 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Useless assignment to local variable Warning

This assignment to deserialized is useless, since its value is never read.

Check notice on line 157 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check notice on line 181 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check notice on line 206 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.

Check notice on line 215 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Call to System.IO.Path.Combine Note

Call to 'System.IO.Path.Combine'.

Check notice on line 227 in src/webapp01/Pages/DevSecOps4.cshtml.cs

Code scanning / CodeQL

Generic catch clause Note

Generic catch clause.