Skip to content

fix: SQL Injection via dot-notation sub-key name in Increment operation on PostgreSQL (GHSA-gqpp-xgvh-9h7h)#10165

Merged
mtrezza merged 4 commits into
parse-community:alphafrom
mtrezza:fix/GHSA-gqpp-xgvh-9h7h-v9
Mar 10, 2026
Merged

fix: SQL Injection via dot-notation sub-key name in Increment operation on PostgreSQL (GHSA-gqpp-xgvh-9h7h)#10165
mtrezza merged 4 commits into
parse-community:alphafrom
mtrezza:fix/GHSA-gqpp-xgvh-9h7h-v9

Update vulnerabilities.spec.js

3f0755f
Select commit
Loading
Failed to load commit list.
Codecov / codecov/project succeeded Mar 10, 2026 in 0s

92.60% (+0.01%) compared to 03287cf

View this Pull Request on Codecov

92.60% (+0.01%) compared to 03287cf

Details

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.60%. Comparing base (03287cf) to head (3f0755f).
⚠️ Report is 1 commits behind head on alpha.

Additional details and impacted files
@@            Coverage Diff             @@
##            alpha   #10165      +/-   ##
==========================================
+ Coverage   92.59%   92.60%   +0.01%     
==========================================
  Files         192      192              
  Lines       16212    16214       +2     
  Branches      183      183              
==========================================
+ Hits        15011    15015       +4     
+ Misses       1189     1187       -2     
  Partials       12       12              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.