[TT-14991] Fixed decode settings to fallback to global settings #901
probelabs / Visor: security
succeeded
Oct 9, 2025 in 2m 38s
✅ Check Passed (Warnings Found)
security check passed. Found 1 warning, but fail_if condition was not met.
Details
📊 Summary
- Total Issues: 1
- Warning Issues: 1
🐛 Issues by Category
🔐 Security (1)
⚠️ main.go:355 - The configuration fallback logic may cause unintentional decoding of sensitive data. If a pump-level decoding setting is explicitlyfalsebut the global setting istrue, the data will still be decoded, potentially exposing sensitive information.
Generated by Visor - AI-powered code review
Annotations
Check warning on line 355 in main.go
probelabs / Visor: security
security Issue
The configuration fallback logic may cause unintentional decoding of sensitive data. If a pump-level decoding setting is explicitly `false` but the global setting is `true`, the data will still be decoded, potentially exposing sensitive information.
Raw output
Modify the configuration logic to distinguish between an unset value and an explicit `false`. This can be achieved by using a pointer to a boolean (`*bool`) for the decoding settings in the pump configuration. The `getDecodingSettings` function should then check if the pump-level setting is `nil`. If it is, fall back to the global setting; otherwise, use the pump-level value.
Loading