Skip to content

ci(coverage): raise gate to 99/98 + coverage uplift to ceiling (GRC-144)#18

Draft
p4gs wants to merge 62 commits into
mainfrom
ci/GRC-144-raise-to-100pct
Draft

ci(coverage): raise gate to 99/98 + coverage uplift to ceiling (GRC-144)#18
p4gs wants to merge 62 commits into
mainfrom
ci/GRC-144-raise-to-100pct

policy(coverage): set requirement to 95% lines/functions (prime direc…

a8411f9
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Semgrep OSS succeeded May 15, 2026 in 4s

19 new alerts

New alerts in code changed by this pull request

  • 19 notes

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check notice on line 754 in src/api/handlers.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 795 in src/api/handlers.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 832 in src/api/handlers.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 55 in src/api/server.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2263 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2374 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2400 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2451 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2498 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2514 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 2537 in src/cli/mod.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 381 in src/config/loader.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 412 in src/config/loader.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.temp-dir.temp-dir Note

temp_dir should not be used for security operations. From the docs: 'The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.'

Check notice on line 622 in src/fleet/executor.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.unsafe-usage.unsafe-usage Note

Detected 'unsafe' usage, please audit for secure usage

Check notice on line 678 in src/fleet/executor.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.unsafe-usage.unsafe-usage Note

Detected 'unsafe' usage, please audit for secure usage

Check notice on line 697 in src/fleet/executor.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.unsafe-usage.unsafe-usage Note

Detected 'unsafe' usage, please audit for secure usage

Check notice on line 1134 in src/fleet/executor.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.unsafe-usage.unsafe-usage Note

Detected 'unsafe' usage, please audit for secure usage

Check notice on line 1184 in src/fleet/executor.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.unsafe-usage.unsafe-usage Note

Detected 'unsafe' usage, please audit for secure usage

Check notice on line 1497 in src/fleet/executor.rs

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: rust.lang.security.unsafe-usage.unsafe-usage Note

Detected 'unsafe' usage, please audit for secure usage