Mercurial > p > roundup > code
annotate .codecov.yml @ 8356:63390dcfcfe9
bug: fix template use of structure with untrusted data
Looks like an xSS bug with an early version of the template that was
fixed in the code but never in the deployed tracker. It has been a
while since this particular construct has been in the classic template
which is the base for the tracker.
This has been fixed on the deployed tracker as well.
reported by 4bug of ChaMd5 Security Team H1 Group
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 08 Jul 2025 10:23:09 -0400 |
| parents | a8741a95645a |
| children |
| rev | line source |
|---|---|
|
5693
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
1 # - "path/to/folder" # ignore folders and all its contents |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
2 # - "test_*.rb" # wildcards accepted |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
3 # - "**/*.py" # glob accepted |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
4 # - "[a-z]+/test_.*" # regexp accepted |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
5 |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
6 # ignore files that are build utils and not executed |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
7 # code, or are deprecated. |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
8 ignore: |
|
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
9 - "roundup/cgi/TAL/talgettext.py" # utility command |
|
5694
c3ffa1ef6b7f
Exclude cgi/TAL/DummyEngine.py as it looks like a test harness.
John Rouillard <rouilj@ieee.org>
parents:
5693
diff
changeset
|
10 - "roundup/cgi/TAL/DummyEngine.py" # test harness |
|
5693
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
11 - "roundup/cgi/apache.py" # mod_python is deprecated |
|
7015
a8741a95645a
Backed out changeset f786abac77d5
John Rouillard <rouilj@ieee.org>
parents:
7014
diff
changeset
|
12 - "roundup/install_util.py" # another build utlity |
|
5693
41451bfae756
See if we can ignore some items in codecov that we don't care about
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
13 - "roundup/dist" # more build utils |
|
6362
5f0463897afc
Add roundup/test to list of files to ignore for code coverage.
John Rouillard <rouilj@ieee.org>
parents:
5694
diff
changeset
|
14 - "roundup/test" # code used for testing |