Copilot AI commented Nov 25, 2025

Repository-wide cleanup to eliminate unused code and fix a critical SQL injection vulnerability.

Removed Dead Code

  • Empty files: python/point.py, python/tests/test_calculator.py, terraform/iac.tf (and their empty parent directories)
  • Unused imports: System.IO, Microsoft.Extensions.FileProviders from DotnetApp/Program.cs; os, re, defaultdict from scripts/report_bofa_emu_versions.py

Security Fix

Fixed SQL injection in python/sql.py by converting string concatenation to parameterized queries:

# Before (vulnerable)
query = "SELECT * FROM users WHERE username = '" + username + "'"
cursor.execute(query)

# After (safe)
query = "SELECT * FROM users WHERE username = %s"
cursor.execute(query, (username,))

Also fixed broken add_user() function where mysql.connector.connect was missing call parentheses.

Module Completion

  • Added rust/tcp.rs to provide the missing module referenced by server.rs (std-only per repo conventions)

Original prompt

Go clean up my code

Custom agent used: Janitor
Perform janitorial tasks on any codebase including cleanup, simplification, and tech debt remediation.
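
A regression check for the before/after patterns quoted in the Security Fix section, written as an added example and not code from this pull request or repository. It uses the standard-library sqlite3 module (placeholder `?`) in place of mysql.connector (placeholder `%s`) so that it runs offline; the table layout, sample rows and function names are assumptions.

```python
import sqlite3

# Constructed sample rows; the schema is an assumption, not the repo's table.
SAMPLE_USERS = [
    ("alice", "alice@example.test"),
    ("bob", "bob@example.test"),
    ("o'brien", "obrien@example.test"),  # legitimate name containing a quote
]


def make_db():
    """Create an in-memory database holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_user_concat(conn, username):
    """'Before' pattern: the input is spliced into the SQL text itself."""
    query = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]


def find_user_param(conn, username):
    """'After' pattern: the input is bound as data and never parsed as SQL."""
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]


def regression_check():
    """Return (concat_rows, param_rows) for an input that contains quotes."""
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # constructed test input, matches no real user
    try:
        return find_user_concat(conn, crafted), find_user_param(conn, crafted)
    finally:
        conn.close()


if __name__ == "__main__":
    concat_rows, param_rows = regression_check()
    print("concatenated query matched:", sorted(concat_rows))
    print("parameterized query matched:", param_rows)
```

A test of this shape can sit next to the fixed function so that a later change back to string building fails CI instead of reaching review.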



…njection

Co-authored-by: mpchenette <98562887+mpchenette@users.noreply.github.com>
@sonarqubecloud
Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Copilot AI changed the title "[WIP] Clean up code for improved readability" → "Clean up tech debt: remove dead code, fix SQL injection" Nov 25, 2025
Copilot AI requested a review from mpchenette November 25, 2025 20:10