Conversation

@kathamer (Contributor)

[image: pull request description]


@github-actions github-actions bot left a comment


Application Security Assessment Summary

Critical Security Findings

Path Traversal Vulnerability
The application constructs file paths using string concatenation without proper validation in saist/main.py. This vulnerability could allow attackers to manipulate hash values to perform directory traversal attacks, potentially accessing or modifying files outside the intended directory. To remediate this, replace string concatenation with os.path.join() using validated inputs and implement proper path sanitization controls.

Insecure Cache Management
The application stores cache files with predictable names based on file hashes in saist/main.py. This design exposes sensitive information about analyzed files if the cache directory becomes accessible. Attackers could deduce file contents and relationships through hash analysis. Implement strict access controls on cache directories and encrypt sensitive cache data to protect against information disclosure.

@kathamer kathamer linked an issue Nov 27, 2025 that may be closed by this pull request
@SimonGurney SimonGurney merged commit bf34498 into main Nov 27, 2025
2 checks passed
@SimonGurney SimonGurney deleted the feat-speedometer branch November 27, 2025 22:10


Development: successfully merging this pull request may close the linked issue "add a speedo!".
