test: add password to users creation#67
Conversation
PR SummaryMedium Risk Overview Reviewed by Cursor Bugbot for commit 751b017. Configure here. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using default mode and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Password with quotes breaks SQL via f-string interpolation
- Single quotes in SQL_USER_PASSWORD are doubled before embedding in IDENTIFIED BY string literals so the generated SQL stays valid and cannot break out of the literal.
Or push these changes by commenting:
@cursor push 190627bb9d
Preview (190627bb9d)
diff --git a/.github/workflows/s2ms_cluster.py b/.github/workflows/s2ms_cluster.py
--- a/.github/workflows/s2ms_cluster.py
+++ b/.github/workflows/s2ms_cluster.py
@@ -39,9 +39,14 @@
cur.execute(f"DROP DATABASE IF EXISTS {create_db}")
cur.execute(f"CREATE DATABASE {create_db}")
elif command == Command.CREATE_ROLES:
- cur.execute(f"CREATE USER user_1 IDENTIFIED BY '{SQL_USER_PASSWORD}'")
- cur.execute(f"CREATE USER user_2 IDENTIFIED BY '{SQL_USER_PASSWORD}'")
- cur.execute(f"CREATE USER user_3 IDENTIFIED BY '{SQL_USER_PASSWORD}'")
+ sql_password = (
+ SQL_USER_PASSWORD.replace("'", "''")
+ if SQL_USER_PASSWORD is not None
+ else None
+ )
+ cur.execute(f"CREATE USER user_1 IDENTIFIED BY '{sql_password}'")
+ cur.execute(f"CREATE USER user_2 IDENTIFIED BY '{sql_password}'")
+ cur.execute(f"CREATE USER user_3 IDENTIFIED BY '{sql_password}'")
finally:
cur.close()
conn.close()You can send follow-ups to the cloud agent here.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 751b017. Configure here.
2 participants
No description provided.