Hi,
We are working with a Glue job and the unit test cases for this job.
SonarQube is showing a security hotspot in one file named logger.py as - “make sure that this logger’s configuration is safe”.
logging.basicConfig(level=logging.INFO, format='%(message)s')
We didn’t find anything wrong in the code. Do you have any solution for this issue?
Hey there.
- With a hotspot, a security-sensitive piece of code is highlighted, but the overall application security may not be impacted. It’s up to the developer to review the code to determine whether or not a fix is needed to secure the code.
So it sounds like you need to mark the hotspot as Safe! A user who has the Administrator security hotspots permission on the project can perform this action.
- Safe: A developer has reviewed the security hotspot and determined that no change is necessary (for example, because other more relevant protections are already in place).
Hi Colin,
Thanks for your reply. I will convey this to my technical lead.