Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve CodeQL Alert 41: Missing variable declaration #5706

Closed
9 of 11 tasks
Tracked by #5159
, #5060
...
roslynwythe opened this issue Oct 15, 2023 · 4 comments · Fixed by #5940
Closed
9 of 11 tasks
Tracked by #5159
, #5060
...

Resolve CodeQL Alert 41: Missing variable declaration #5706

roslynwythe opened this issue Oct 15, 2023 · 4 comments · Fixed by #5940
Assignees
@jphamtv
Labels
Complexity: Medium Feature: Code Alerts Feature: Design system ready for dev lead Issues that tech leads or merge team members need to follow up on role: front end Tasks for front end developers size: 1pt Can be done in 4-6 hours
Milestone
x. Technical debt

Comments

@roslynwythe
Copy link
Member

roslynwythe commented Oct 15, 2023
edited by jphamtv
Loading

Prerequisite

  1. Be a member of Hack for LA. (There are no fees to join.) If you have not joined yet, please follow the steps on our Getting Started page.
  2. Before you claim or start working on an issue, please make sure you have read our How to Contribute to Hack for LA Guide.

Overview

As developers. we need to analyze CodeQL query alert 41 and to either recommend dismissal of the alert or update the code to resolve the alert.

Action Items

  • DO NOT DISMISS ANY ALERTS. Dismissal of alerts should be done by dev leads only after review of the recommendation
  • Browse to the link in the next Action Item and read the contents. Click "See More" to view Recommendations, Examples and References.
  • https://github.com/hackforla/website/security/code-scanning/41
  • In a comment in this issue, add your analysis and recommendations. The recommendation can be one of the following: dismiss as test, dismiss as false positive, dismiss as won't fix, or update code. An example of a 'false positive' is a report of a JavaScript syntax error that is caused by markdown or liquid symbols such as --- or {%.
  • Apply the label ready for dev lead then move the issue to Questions/In Review
  • If the recommendation is to update code:
    • create an issue branch and proceed with the code update
    • Using docker, test /design-system/components/button.html locally and confirm that the script behaves identically to the existing web page: Design System Components - Buttons page
    • proceed with pull request in the usual manner

For merge team/dev lead

Resources/Instructions
@roslynwythe roslynwythe added Feature Missing This label means that the issue needs to be linked to a precise feature label. role missing size: missing labels Oct 15, 2023
@github-actions

This comment was marked as resolved.

Sign in to view
@roslynwythe roslynwythe added Complexity: Medium size: 1pt Can be done in 4-6 hours Feature: Design system Feature: Code Alerts role: front end Tasks for front end developers Ready for Prioritization and removed Feature Missing This label means that the issue needs to be linked to a precise feature label. role missing size: missing labels Oct 15, 2023
@roslynwythe roslynwythe changed the title Resolve CodeQL Alert 41: Recommend dismissal or update code Resolve CodeQL Alert 41: Missing variable declaration Oct 15, 2023
@roslynwythe roslynwythe mentioned this issue Oct 15, 2023
Open
20 tasks
@ExperimentsInHonesty ExperimentsInHonesty added this to the x. Technical debt milestone Nov 6, 2023
@jphamtv jphamtv self-assigned this Nov 27, 2023
@github-actions GitHub Actions
Copy link

Hi @jphamtv, thank you for taking up this issue! Hfla appreciates you :)

Do let fellow developers know about your:-
i. Availability: (When are you available to work on the issue/answer questions other programmers might have about your issue?)
ii. ETA: (When do you expect this issue to be completed?)

You're awesome!

P.S. - You may not take up another issue until this issue gets merged (or closed). Thanks again :)

@jphamtv
Copy link
Member

jphamtv commented Nov 27, 2023

Availability for this week: Monday-Friday 12–2 PM, 8–10 PM (PST)
My estimated ETA for completing this issue: 11/29/23

@jphamtv jphamtv mentioned this issue Nov 28, 2023
Merged
@jphamtv jphamtv added the ready for dev lead Issues that tech leads or merge team members need to follow up on label Nov 28, 2023
@jphamtv
Copy link
Member

jphamtv commented Nov 28, 2023
edited by ExperimentsInHonesty
Loading

The code alert was triggered because the 'i' variable in the for loop is not declared, making it a global variable by default.

I suggest updating the code to declare the 'i' variable within the loop. This will make it block-scoped and help avoid any future bugs or alerts.

@roslynwythe roslynwythe mentioned this issue Dec 11, 2023
Closed
16 tasks
Closed
2 tasks
@roslynwythe roslynwythe mentioned this issue Mar 15, 2024
Open
36 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jphamtv jphamtv

Labels
Complexity: Medium Feature: Code Alerts Feature: Design system ready for dev lead Issues that tech leads or merge team members need to follow up on role: front end Tasks for front end developers size: 1pt Can be done in 4-6 hours
Projects
P: HfLA Website: Project Board
Archived in project
Milestone
x. Technical debt
Development

Successfully merging a pull request may close this issue.

Declare Loop Variable in primaryOnDarkHandler Function jphamtv/hackforla-website
3 participants
@jphamtv @roslynwythe @ExperimentsInHonesty