Refactor code formatting for clarity in project_d_vuln.py

fernandomatsuosantos · fernandomatsuosantos · commit a46eb7b3a8d4 · 2025-07-23T21:04:09.000-03:00
diff --git a/circle_ci/codeql_analysis_pr.yml b/circle_ci/codeql_analysis_pr.yml
@@ -28,23 +28,27 @@ jobs:
             # ----------------------------
             # set variables for pull request context
             # ----------------------------
-            if [ -n "$CIRCLE_PULL_REQUEST" ]; then
-              echo "Running in a pull request context"
-              PR_NUMBER=$(basename $CIRCLE_PULL_REQUEST)
-              REPO_PATH=$(echo "$CIRCLE_PULL_REQUEST" | sed -E 's|https://github.com/([^/]+/[^/]+)/pull/[0-9]+|\1|')
-              BASE_REF=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \
-                https://api.github.com/repos/${REPO_PATH}/pulls/${PR_NUMBER} \
-                | jq -r .base.ref)
-              BASE_REF="origin/${BASE_REF}"
-              REF="refs/pull/${PR_NUMBER}/merge"
-            fi
+            # if [ -n "$CIRCLE_PULL_REQUEST" ]; then
+            #   echo "Running in a pull request context"
+            #   PR_NUMBER=$(basename $CIRCLE_PULL_REQUEST)
+            #   REPO_PATH=$(echo "$CIRCLE_PULL_REQUEST" | sed -E 's|https://github.com/([^/]+/[^/]+)/pull/[0-9]+|\1|')
+            #   BASE_REF=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \
+            #     https://api.github.com/repos/${REPO_PATH}/pulls/${PR_NUMBER} \
+            #     | jq -r .base.ref)
+            #   BASE_REF="origin/${BASE_REF}"
+            #   REF="refs/pull/${PR_NUMBER}/merge"
+            # fi
             curl -s -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/user
+            # codeql-wrapper --verbose analyze ./monorepo \
+            #   --monorepo \
+            #   --upload-sarif \
+            #   --only-changed-files \
+            #   --base-ref "$BASE_REF" \
+            #   --ref "$REF"
             codeql-wrapper --verbose analyze ./monorepo \
               --monorepo \
               --upload-sarif \
-              --only-changed-files \
-              --base-ref "$BASE_REF" \
-              --ref "$REF"
+              --only-changed-files
 
 workflows:
   version: 2
diff --git a/monorepo/project-python-2/project_d_vuln.py b/monorepo/project-python-2/project_d_vuln.py
@@ -1,23 +1,34 @@
+# This file is part of a CodeQL project that tests for SQL injection vulnerabilities.
+# 1
+
 import sqlite3
 from flask import Flask, request
 
 app = Flask(__name__)
 
+
 def initialize_database():
     connection = sqlite3.connect("example.db")
     cursor = connection.cursor()
-    cursor.execute("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
-    cursor.execute("INSERT INTO users (username, password) VALUES ('admin', 'adminpass')")
+    cursor.execute(
+        "CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
+    )
+    cursor.execute(
+        "INSERT INTO users (username, password) VALUES ('admin', 'adminpass')"
+    )
     connection.commit()
     connection.close()
 
+
 @app.route("/login", methods=["POST"])
 def login():
     username = request.form.get("username")
     password = request.form.get("password")
 
     # Vulnerable to SQL injection
-    query = f"SELECT * FROM users WHERE username = '{username}' AND password = '{password}'"
+    query = (
+        f"SELECT * FROM users WHERE username = '{username}' AND password = '{password}'"
+    )
     print(f"Executing query: {query}")
 
     connection = sqlite3.connect("example.db")
@@ -30,6 +41,7 @@ def login():
     else:
         return "Invalid username or password"
 
+
 if __name__ == "__main__":
     initialize_database()
     app.run(debug=True)
