Skip to content

[Snyk] Security upgrade werkzeug from 2.0.1 to 3.1.4 #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Commando-X wants to merge 1 commit into
base: main
Choose a base branch
from

fix: requirements.txt to reduce vulnerabilities

c0284b5
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade werkzeug from 2.0.1 to 3.1.4 #9

fix: requirements.txt to reduce vulnerabilities
c0284b5
Select commit
Loading
Failed to load commit list.
SonarQubeCloud / SonarCloud Code Analysis failed Dec 6, 2025 in 53s

Quality Gate failed

Failed conditions
14 Security Hotspots
0.0% Coverage on New Code (required ≥ 80%)
E Security Rating on New Code (required ≥ A)
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Annotations

Check failure on line 288 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Change this code to not construct SQL queries directly from user-controlled data. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEL&open=AZry-gg_ZYszuChvkAEL&pullRequest=9

Check failure on line 144 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Change this code to not construct SQL queries directly from user-controlled data. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEM&open=AZry-gg_ZYszuChvkAEM&pullRequest=9

Check failure on line 9 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Don't disclose "Flask" secret keys. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEE&open=AZry-gg_ZYszuChvkAEE&pullRequest=9

Check failure on line 249 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Define a constant instead of duplicating this literal 'Access Denied' 3 times. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEB&open=AZry-gg_ZYszuChvkAEB&pullRequest=9

Check warning on line 25 in templates/register.html

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Prefer `globalThis` over `window`. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gfxZYszuChvkAD0&open=AZry-gfxZYszuChvkAD0&pullRequest=9

Check warning on line 20 in static/style.css

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Text does not meet the minimal contrast requirement with its background. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-ggNZYszuChvkAD3&open=AZry-ggNZYszuChvkAD3&pullRequest=9

Check warning on line 2 in templates/admin.html

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Add "lang" and/or "xml:lang" attributes to this "<html>" element 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gfkZYszuChvkADz&open=AZry-gfkZYszuChvkADz&pullRequest=9

Check warning on line 2 in templates/login.html

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Add "lang" and/or "xml:lang" attributes to this "<html>" element 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-geqZYszuChvkADx&open=AZry-geqZYszuChvkADx&pullRequest=9

Check failure on line 183 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Change this code to not construct SQL queries directly from user-controlled data. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEK&open=AZry-gg_ZYszuChvkAEK&pullRequest=9

Check failure on line 12 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Define a constant instead of duplicating this literal 'bank.db' 11 times. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEC&open=AZry-gg_ZYszuChvkAEC&pullRequest=9

Check failure on line 208 in app.py

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Change this code to not construct SQL queries directly from user-controlled data. 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gg_ZYszuChvkAEJ&open=AZry-gg_ZYszuChvkAEJ&pullRequest=9

Check warning on line 2 in templates/register.html

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Add "lang" and/or "xml:lang" attributes to this "<html>" element 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gfxZYszuChvkAD1&open=AZry-gfxZYszuChvkAD1&pullRequest=9

Check warning on line 2 in templates/dashboard.html

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Add "lang" and/or "xml:lang" attributes to this "<html>" element 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gf_ZYszuChvkAD2&open=AZry-gf_ZYszuChvkAD2&pullRequest=9

Check warning on line 2 in templates/index.html

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

Add "lang" and/or "xml:lang" attributes to this "<html>" element 

See more on https://sonarcloud.io/project/issues?id=commando-x_vuln-bank&issues=AZry-gfWZYszuChvkADy&open=AZry-gfWZYszuChvkADy&pullRequest=9
View more details on SonarQubeCloud