Closed Bug 424408 Opened 17 years ago Closed 8 years ago

Perform automated audit of SQL statements

Categories

(Toolkit :: Places, defect)

defect
Not set
normal

RESOLVED WONTFIX

People

(Reporter: ondrej, Unassigned)

Bug 405920 introduces a script that extracts all SQL statements from the source code and analyzes potentially dangerous statements. A process should be established that will run this test automatically and watch for differences. If there is a difference detected, the added or changed SQL statements should be reviewed and either approved as safe or fixed. My idea was to include the approved file in the source tree - when you introduce a potentially dangerous statement, you would have to regenerate the file and get it reviewed and landed. This would allow a local check that everything is ok.
I'm not sure where this should go, but it's not here.
Assignee: morgamic → nobody
Component: Tinderbox → Testing
Product: Webtools → Core
QA Contact: tinderbox → testing
Requesting blocking to get traction on this - we should make sure we don't introduce more dangerous statements.
Flags: blocking1.9?
This is not something we should hold the release for.
Flags: blocking1.9? → blocking1.9-
Component: Testing → Places
Product: Core → Toolkit
QA Contact: testing → places
Not going to happen, we'll rely on reviews. In general all the statements should be bound unless the code controls 100% what we bind.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
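
The workflow proposed in the bug description (an approved file checked into the tree, with any new potentially dangerous statement flagged for review) and the closing comment's rule that statements should be bound can be sketched as follows. This is an added example, not the script from Bug 405920 or any Mozilla code; the sample sources, table names, and the concatenation heuristic are assumptions made for illustration.

```python
import hashlib
import re

# Constructed sample sources; table and variable names are hypothetical.
REVIEWED = '''
stmt = db.create("SELECT id FROM places WHERE url = ?1");
stmt = db.create("SELECT id FROM bookmarks WHERE type = " + typeConst);
'''
CHANGED = REVIEWED + '''
stmt = db.create("DELETE FROM places WHERE url = '" + userUrl + "'");
'''

SQL_LITERAL = re.compile(r'"((?:SELECT|INSERT|UPDATE|DELETE)\b[^"]*)"', re.I)
# Assumption: a closing quote followed by `+ identifier` means a value is
# spliced into the SQL text instead of being bound as a parameter.
CONCAT = re.compile(r'"\s*\+\s*[A-Za-z_]')


def extract(source):
    """Yield (sql_text, is_dynamic) for the first SQL literal on each line."""
    for line in source.splitlines():
        m = SQL_LITERAL.search(line)
        if m:
            sql = " ".join(m.group(1).split())  # normalise whitespace
            yield sql, bool(CONCAT.search(line, m.start()))


def fingerprint(sql):
    """Short stable id for a statement, as stored in the approved file."""
    return hashlib.sha256(sql.encode()).hexdigest()[:16]


def build_baseline(source):
    """Fingerprints of the dynamic statements a reviewer has signed off on."""
    return {fingerprint(sql) for sql, dynamic in extract(source) if dynamic}


def audit(source, approved):
    """Return dynamic statements that are not in the approved baseline."""
    return [sql for sql, dynamic in extract(source)
            if dynamic and fingerprint(sql) not in approved]


if __name__ == "__main__":
    approved = build_baseline(REVIEWED)
    for sql in audit(CHANGED, approved):
        print("needs review:", sql)
```

Bound statements never enter the baseline, so only concatenated statements need sign-off, and a non-empty `audit` result can fail a local or automated check.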