korbit-ai[bot] commented on code in PR #33096:
URL: https://github.com/apache/superset/pull/33096#discussion_r2039303602


##########
superset-frontend/cypress-base/cypress/support/e2e.ts:
##########
@@ -166,7 +166,7 @@ Cypress.Commands.add('login', () => {
   cy.request({
     method: 'POST',
     url: '/login/',
-    body: { username: 'admin', password: 'general' },
+    body: { username: 'admin', password: 'admin' },
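
Review bot: The `body:` line of the `login` command still carries the admin password as a string literal. The change only swaps 'general' for 'admin', so the test keeps depending on a value that must match however the test instance's admin account is provisioned, and nothing in this hunk shows that side. Consider reading both fields through `Cypress.env(...)` (variable names are the project's choice) so the value is defined in one place, and note in the PR description where the account's password was changed to match.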

Review Comment:
   ### Default Admin Credentials in Test File <sub>![category Security](https://img.shields.io/badge/Security-e11d48)</sub>
   
   <details>
     <summary>Tell me more</summary>
   
   ###### What is the issue?
   Hardcoded admin credentials in a test file that uses default/common values.
   
   ###### Why this matters
   Using common/default admin credentials, even in test files, can be dangerous
   if accidentally deployed to production or if the credentials are reused in
   other environments. This represents a security risk as these are among the
   first credentials attackers try.
   
   ###### Suggested change ∙ *Feature Preview*
   Consider using environment variables or a secure configuration manager for
   test credentials:
   ```typescript
   body: { 
     username: Cypress.env('TEST_USERNAME'), 
     password: Cypress.env('TEST_PASSWORD') 
   },
   ```
   
   
   </details>
   


